Doppler

secrets management

SeniorGRCAnalyst

$150–185k United States FULL TIME Remote Friendly

The Brief

“Senior GRC Analyst at Doppler. Skills: GRC, SOC 2, ISO 27001, Vanta. Maintain SOC 2 Type II and ISO 27001 certifications. Lead compliance work for next certifications”

What You'll Achieve.

Maintain Doppler's SOC 2 Type II and ISO 27001 certifications; Drive our next compliance initiatives; Building systems that reduce manual toil; Move us toward continuous compliance; Track remediation progress; Close findings; Respond to security questionnaires and RFPs promptly and accurately; Represent our compliance posture credibly

Industry & Context.

secrets management

What They're Looking For.

Must Have

5+ years in security, compliance, or GRC, direct ownership of SOC 2 Type II and ISO 27001 programs in a cloud product environment, run audit cycles, not just supported them, Hands-on experience with Vanta (or a comparable GRC platform), Technical fluency, understanding of how auditors think, Experience supporting enterprise sales cycles where security is a procurement requirement, responding to complex security questionnaires, Excellent communication skills across audiences

Nice to Have

Startup or high-growth environment experience, Experience with developer tools or infrastructure security background, Experience with trust center management, Familiarity with secrets management, credential security, or PKI, PCI DSS and GDPR experience with self-attestation or certification work is a plus, Relevant certifications (CISA, CISSP, CISM, CRISC, or equivalent)

What You'll Do.

Maintain SOC 2 Type II and ISO 27001 certifications

Lead compliance work for next certifications

Evaluate additional certifications

Own GRC platform administration

Lead security working group

Design and maintain security controls

Coordinate penetration testing cycles

Author and maintain security policies

Support business continuity and disaster recovery governance

Respond to security questionnaires and RFPs

Participate in customer security reviews

Maintain public-facing trust documentation

Partner with sales on security-sensitive deals

Translate compliance status and risk posture

Lead security awareness and compliance training

Influence engineering and product roadmaps

How You'll Work.

Team & Collaboration

Work closely with engineering, product, sales, and customer success; Drive accountability across teams; Partner with sales on security-sensitive enterprise deals; Influence engineering and product roadmaps

Communication Scope

Excellent communication skills across audiences; brief the CEO on risk posture; explain the same issue to an engineer

Free ATS check

Applying for this Senior GRC Analyst role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

Skill Signal 39 detected

Core

Vanta ×6

ISO 27001 ×5

Required

GRC ×3

SOC 2 Type II ×3

GRC platform ×3

Control mapping ×3

Evidence workflows ×3

Audit readiness ×3

Security working group ×3

Risk identification ×3

Control design ×3

Business continuity ×3

Nice to have

Cloud architecture

Security

Compliance

Risk management

Audit coordination

Policy updates

Threat register

Security controls

Penetration testing

Security policies

Role Details

Work Mode

Remote

Type

FULL TIME

Experience

5–10 yrs

Salary Band

150k-200k

How to Apply on Ashby

Ashby is a fast modern ATS — most applications take under 3 minutes.
The resume parser is strong; verify parsed experience dates and job titles.
Custom screening questions are often scored algorithmically — answer completely.
Location field affects geo-based screening; use your actual metro area.

ANONYMOUS · UNFILTERED

What do employees actually say about Doppler?

Real rants from real employees. Read before you apply.

Read Company Rants →