Staff GRC Compliance Analyst

Job Description

Where you’ll work: United States: Eastern or Central Time Zones

Security at GoTo

Everyone deserves to work in a safe and secure environment. That's why we're passionate about delivering secure, remote workforce products and services that prioritize the protection of business assets, customer data, and employee information. We're committed to creating products that are not only secure but also user-friendly and accessible to all. We thoughtfully infuse AI into our tools, leveraging it as a powerful resource to deliver genuine, practical value and address real security challenges. Join us and help create a future where security meets simplicity and AI-powered innovation. 

Your Day to Day

As a Staff GRC Compliance Analyst you would be working on:

• Serve as a staff level, cross-trained GRC expert across Compliance, Audit, and Risk, partnering with teams to strengthen trust and resilience across the business
• Perform control mapping, gap analysis, and remediation tracking across multiple frameworks to proactively reduce audit risk
• Partner with engineering, IT, and security teams to translate regulatory requirements into actionable, testable technical controls
• Identify and operationalize improvements to the control framework to align with evolving regulatory demands (e.g., NIS2)
• Reduce manual audit friction by driving process improvement and leveraging automation (dashboards, workflows, tooling integrations)

What We’re Looking For

As a Staff GRC Compliance Analyst your background will look like:

• Hands-on experience operating within complex cloud or SaaS control environments across major frameworks (NIST 800-53, ISO 27001, PCI-DSS, HIPAA), including practical control testing
• Demonstrated ability to independently map regulatory requirements to technical control execution and identify material gaps using sound risk judgment
• Experience managing audit evidence collection and remediation tracking during live audit cycles
• Effective verbal and written communication skills with proven ability to engage technical stakeholders effectively
• Process improvement and automation mindset, with experience leveraging GRC tooling (e.g., Thoropass, AuditBoard, or similar platforms) to improve audit efficiency

What We Offer

At GoTo, we believe in supporting our employees with a comprehensive range of benefits designed to fit your life, at work and beyond. Here are just some of the benefits and perks you can expect when you join our team:

• Comprehensive health benefits, life and disability insurance, and fertility and family-forming support programs
• Generous paid time off, paid holidays, volunteer time off, and quarterly self-care days and no meeting days
• Tuition and reading reimbursement programs to support your continuous learning and professional growth
• Thrive Global Wellness Program, confidential Employee Assistance Program (EAP), as well as One to One Wellness Coaching
• Employee programs—including Employee Resource Groups (ERGs), GoTo Gives, and our charitable matching program—to amplify your connection and impact

At GoTo, you’ll find the flexibility, resources, and support you need to thrive—at work, at home, and everywhere in between. You’ll work towards a shared goal with an open-minded, cohesive team that’s greater than the sum of its parts. We’re committed to creating an inclusive space for everyone, because we know unique perspectives make us a stronger company and community. Join us and be part of a company that invests in your future, where together we’ll Be Real, Think Big, Move Fast, Keep Growing, and stay Customer Obsessed. Learn more. rpj

Benefits: Comprehensive health insurance (medical, dental, vision), 401(k) plan with discretionary company match, paid time off, employee discount programs, Short Term and Long Term Disability, Basic Life Insurance, and fertility benefits.

The above shows our ranges from minimum to maximum. Your compensation will be determined based on your location, experience, and the pay of employees in similar positions. You will also be eligible for a variable pay component and benefits.