GRCAnalyst

About Zone & Co: Zone & Co is on a mission to empower finance professionals to drive strategic growth through seamless, intelligent operations. We build cloud-native software solutions on Oracle NetSuite, automating complex financial processes like billing, accounts payable, reporting, and reconciliation. Our vision is to unlock the full strategic potential of finance by infusing the ERP with the intelligence and automation needed for truly transformative operations. Join our rapidly growing team as we redefine financial efficiency for scaling businesses worldwide. The Role: We are seeking a meticulous and proactive Security and Privacy Compliance Analyst to help safeguard our organization and our customers' data. Reporting directly to the Director of IT, Security and Compliance, you will play a critical role in maturing our governance, risk, and compliance (GRC) programs. In this position, you will bridge the gap between technical security controls and regulatory requirements, ensuring that Zone & Co's rapidly expanding suite of financial software maintains the highest standards of data protection and privacy. This role requires a strong foundational knowledge of major security frameworks and privacy regulations, a keen eye for detail in auditing internal processes, and the ability to clearly communicate compliance postures to both internal engineering teams and enterprise customers. Essential Job Functions: Compliance Framework Governance: Lead the management and continuous scaling of Zone & Co’s core security compliance frameworks, specifically SOC 2 Type II and ISO 27001. Privacy Operations Leadership: Govern global data privacy operations to ensure strict, ongoing alignment with GDPR, CCPA/CPRA, and other emerging data protection laws. Customer Trust & Revenue Enablement: Serve as the primary security liaison for enterprise customers, directly supporting the sales cycle by demonstrating and communicating a robust, mature security posture. Risk & Audit Managemen