GRC Analyst at Sprout Social
As a software-as-a-service company, our customer’s security and privacy are incredibly important to us. Our software is used by more than 25,000+ customers, including The Chicago Bulls, Sony Electronics, Indiana University, Make-a-wish Foundation, Edelman, Subaru, and many others who rely on Sprout to create stronger relationships with their customers through social media.
Our Governance, Risk & Compliance (GRC) team is responsible for maintaining and building upon our Information Security’s Governance, Risk, and Compliance program. This team collaborates closely with our legal, security, internal audit, and sales teams to ensure that we meet all applicable security and compliance-related requirements.
As a GRC Analyst, you will leverage your audit experience to improve our team’s internal processes and drive automation. Your experience in security or procurement will help support our Sales team in explaining our security posture and privacy standards to our customers. You will support any internal or external audits and respond to security inquiries of our customers, all while keeping up-to-date with evolving regulatory requirements.
If you are a self starter with a collaborative attitude and a customer-centric mindset and want to make an impact in the world of Information Governance and Data Privacy, we’d love to talk with you!
These are the minimum qualifications that our hiring team is looking for in this role:
- 2+ years of Information Technology, Security, IT Audit, or similar experience in cloud-based environments
- 1+ year of experience with data privacy, security assurance, or similar
- Experience with compliance or data privacy frameworks such as: SOC 2, SOX, NIST, ISO, CSA, GDPR, CCPA, PCI, etc.
Additionally, these are the preferred qualifications that would indicate a particularly strong candidate:
- Strong interpersonal skills and ability to work effectively with diverse and distributed teams
- 3+ years of internal or external IT audit experience at a public accounting firm
- Certifications in security (Security+, CISSP) or GRC (CISA, CRISC)
- Experience working closely with legal and sales in collaborating on contracts and security assurance artifacts to aid the sales lifecycle
Within 1 month, you will:
- Complete Sprout’s New Hire training program alongside other new Sprout team members.
- Be introduced to Sprout’s security, compliance, and privacy stakeholders across the organization.
- Learn our existing tooling and begin understanding the state of our program.
- Support and shadow teammates on customer calls and contract reviews.
- Closely collaborate with members of our Legal team.
- Get regular team feedback on your approach to managing and engaging our existing compliance workstreams.
Within 3 months, you will:
- Work with your manager and teammates to create and prioritize quarterly team goals.
- Begin to lead contract reviews and interactions with our customers, both pre and post-sales.
- Start to understand the breadth and depth of you and your team’s purview.
- Begin to assist in any quarterly audits, process improvement, and other compliance efforts.
- Build connections with members from other teams through active networking and community building to help foster a security and privacy first culture
Within 6 months, you will:
- Participate in the day-to-day management of our GRC tooling and telemetry.
- Identify gaps within our program, present plans to mitigate risks, and work with teams to get them prioritized within their workstreams.
- Generate and improve internal documentation and external security and privacy collateral.
- Assist in employee training efforts and tasks.
- Partner with Legal teams to continuously improve our ability to deliver reliable support to our Sales partners.
- Begin to take ownership over quarterly audits over IT controls while improving/automating the evidence gathering processes.
Within 12 months, you will:
- Be a go-to expert on information security and data privacy for Sprout.
- Assist in defining the roadmap for future work.
- Surprise us! Use your unique ideas and abilities to change Sprout Security in beneficial ways that we haven’t considered yet.
Of course what is outlined above is the ideal timeline, but things may shift based on business needs and other projects and tasks could be added at the discretion of your manager.
About Sprout Social
Sprout Social powers open communication between individuals, brands and communities through elegant, sophisticated software. We are relentless about solving hard problems for our customers and committed to both customer and team success. Our team’s shared belief in Sprout’s mission promotes a culture of openness, empowerment and fun.
We’re proud to regularly be recognized for our team, product and culture. Our benefits program includes:
- Insurance and benefit options that are built for both individuals and families
- Progressive policies to support work/life balance, like our flexible paid time off and parental leave program
- High-quality and well-maintained equipment—your computer will never prevent you from doing your best
- Wellness initiatives to ensure both health and mental well-being of our team
- Ongoing education and development opportunities via our [email protected] program, employee-led diversity, equity and inclusion initiatives and mentorship programs for aspiring leaders
- Growing corporate social responsibility program that is driven by the involvement and passion of our team members
- Beautiful, convenient and state-of-the-art offices in Chicago’s Loop and downtown Seattle, for those who prefer an office setting
Whenever possible, Sprout wants to provide our team with the flexibility to work in the location that makes the most sense for them. For those that prefer an office setting, this role may be based in our Chicago or Seattle locations. If you prefer to work from your home, we can accommodate that for many locations across the United States. We are not set up in all states, however, so please take a look at the drop down box in our application to see whether your state is listed.
Sprout Social is proud to be an Equal Opportunity Employer and an Affirmative Action Employer. We do not discriminate based on identity- race, color, religion, national origin or ancestry, sex (including sexual identity), age, physical or mental disability, pregnancy, veteran or military status, unfavorable discharge from military service, genetic information, sexual orientation, marital status, order of protection status, citizenship status, arrest record or expunged or sealed convictions, or any other legally recognized protected basis under federal, state, or local law. Learn more about our commitment to diversity, equity and inclusion in our 2020 DEI Report.
If you need a reasonable accommodation for any part of the employment process, please contact us by email at [email protected] and let us know the nature of your request and your contact information. We'll do all we can to ensure you're set up for success during our interview process while upholding your privacy, including requests for accommodation. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address.
For more information about our commitment to equal employment opportunity, please click here (1) Equal Opportunity Employment Poster (2) Sprout Social's Affirmative Action Statement (3) Pay Transparency Statement.
Additionally, Sprout Social participates in the E-Verify program in certain locations, as required by law.