Vercel Logo

Vercel

GRC Analyst

Posted An Hour Ago
Be an Early Applicant
Easy Apply
Remote or Hybrid
Hiring Remotely in United States
134K-202K Annually
Mid level
Easy Apply
Remote or Hybrid
Hiring Remotely in United States
134K-202K Annually
Mid level
Manage and maintain compliance with security and privacy frameworks (ISO 27001, SOC 2, HIPAA, PCI DSS). Coordinate audits, drive remediation, improve controls and evidence management, support security questionnaires for deal cycles, and design compliance training while partnering across teams to integrate controls into the SDLC.
The summary above was generated by AI
About Vercel:

Vercel is the agentic infrastructure company. We free people and agents to ship what’s next.

For more than a decade, Vercel has shaped how the web is built. As the team behind Next.js, v0, and AI SDK, we create products that help builders move from idea to production with speed, security, and exceptional developer experience.

Now, software is entering a new era, and the next generation of products will not just be used by people. They will be built, extended, and operated by agents.

We are building the platform for that future, trusted by companies like OpenAI, PayPal, Ramp, Supreme, and millions of developers worldwide. Whether you’re building our products, supporting our customers, growing our community, or shaping our story, you’ll help define what comes next.

About the role:

We are looking for a GRC Analyst to join our Governance, Risk & Compliance (GRC) team. You will have the opportunity to manage and maintain ongoing compliance with security and privacy frameworks, policies, procedures, and commercial assessments, including ISO 27001, SOC 2, HIPAA, PCI DSS, and more. Your role will be instrumental in ensuring that our company operates ethically, responsibly, and in accordance with regulatory requirements.

You will collaborate with cross-functional teams to promote a culture of accountability and integrity throughout the organization and foster an environment where everyone understands the importance of adhering to established guidelines and ethical practices. You will report to the Head of GRC and will be located ((remote, onsite, hybrid)).

Think you may not have all the skills and are hesitant to apply? There is no “perfect” candidate and encourage you to apply if you think that you can bring value to our team and are passionate and committed to upholding the highest standards of compliance and ethics.

If you’re based within a pre-determined commuting distance of one of our offices (SF, NY, London, or Berlin), the role includes in-office anchor days on Monday, Tuesday, and Friday, even if the role is listed as remote. For location-specific details, please connect with our recruiting team.

What you will do:
  • Collaborate with internal teams to maintain an effective suite of internal controls and driving remediation efforts to completion with clear documentation of progress.
  • Build strong working relationships across the business so compliance accountability is shared and stakeholders are informed.
  • Streamline annual audits by managing audit deliverables, developing treatment plans, and coordinating across teams to document and track completion to ensure audit success.
  • Monitor and improve controls, processes, and evidence management practices, identify opportunities to automate and streamline GRC operations, and contribute to controls maturity scoring and reporting
  • Enable go-to-market teams and accelerate deal cycles by supporting security questionnaires, addressing compliance inquiries, and maintaining clear, customer-facing documentation on Vercel’s security and compliance posture.
  • Design and manage company training and enhance visibility on compliance-specific topics for internal stakeholders to ensure an understanding of compliance, ethics, and regulatory requirements within the organization.
About you:
  • At least 3 years of relevant experience in supporting the audit lifecycle in a cloud-centric environment (SOC 2, ISO 27001, PCI, HIPAA, etc.), with strong organizational skills to be flexible and proactive in a high-growth, start-up environment.
  • Experience collaborating closely with internal partners to seamlessly incorporate policies and technical controls into the SDLC.
  • Strong project management skills and sense of ownership with the ability to communicate and collaborate effectively, and execute projects across various business units and levels.
Bonus if you have :
  • Strong experience with cloud infrastructure (e.g., Azure, AWS)
  • Familiarity with compliance or software development tools and systems (e.g., Drata, Linear, Datadog, etc.)
  • Experience with frontend development and open source components
  • Relevant industry certifications (i.e., CISM, CISSP, CCEP) is a plus, but not required
Benefits:
  • Competitive compensation package, including equity.
  • Inclusive Healthcare Package.
  • Learn and Grow - we provide mentorship and send you to events that help you build your network and skills.
  • Flexible Time Off.
  • We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.

The San Francisco, CA base pay range for this role is $134,000-$202,000. Actual salary will be based on job-related skills, experience, and location. Compensation outside of San Francisco may be adjusted based on employee location. The total compensation package may include benefits, equity-based compensation, and eligibility for a company bonus or variable pay program depending on the role. Your recruiter can share more details during the hiring process.


Similar Jobs at Vercel

3 Days Ago
Easy Apply
Remote or Hybrid
Easy Apply
232K-348K Annually
Senior level
232K-348K Annually
Senior level
Artificial Intelligence • Cloud • Software
The role involves leading Vercel's Product Strategy & Operations, owning business rhythms, establishing frameworks for product launches, and partnering with various teams to enhance processes and data analysis.
Top Skills: Cloud InfrastructureData EngineeringData ScienceDeveloper ToolingProduct Operations
4 Days Ago
Easy Apply
Remote or Hybrid
United States
Easy Apply
180K-280K Annually
Senior level
180K-280K Annually
Senior level
Artificial Intelligence • Cloud • Software
Manage clusters, develop with Golang, provision infrastructure with Terraform, and enhance performance of the platform handling untrusted code.
Top Skills: ContainersGoIptablesLinuxNomadStraceTcpdumpTerraformVirtual Machines
6 Days Ago
Easy Apply
Remote or Hybrid
United States
Easy Apply
208K-312K Annually
Senior level
208K-312K Annually
Senior level
Artificial Intelligence • Cloud • Software
Lead product security work across Vercel: threat modeling, secure code reviews, open-source and supply-chain security, SDLC tooling and automation, bug bounty triage, cross-team security projects, and customer-facing security support to embed security across development and platform operations.
Top Skills: Ci/CdDastDependabotGithub Advanced SecurityGithub WorkflowsJavaScriptNext.JsNode.jsOpen Policy AgentReactSastSecret DetectionServerlessSnykTerraformTypescript

What you need to know about the Chicago Tech Scene

With vibrant neighborhoods, great food and more affordable housing than either coast, Chicago might be the most liveable major tech hub. It is the birthplace of modern commodities and futures trading, a national hub for logistics and commerce, and home to the American Medical Association and the American Bar Association. This diverse blend of industry influences has helped Chicago emerge as a major player in verticals like fintech, biotechnology, legal tech, e-commerce and logistics technology. It’s also a major hiring center for tech companies on both coasts.

Key Facts About Chicago Tech

  • Number of Tech Workers: 245,800; 5.2% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: McDonald’s, John Deere, Boeing, Morningstar
  • Key Industries: Artificial intelligence, biotechnology, fintech, software, logistics technology
  • Funding Landscape: $2.5 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Pritzker Group Venture Capital, Arch Venture Partners, MATH Venture Partners, Jump Capital, Hyde Park Venture Partners
  • Research Centers and Universities: Northwestern University, University of Chicago, University of Illinois Urbana-Champaign, Illinois Institute of Technology, Argonne National Laboratory, Fermi National Accelerator Laboratory

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account