Security Compliance Analyst
The simple task of buying software, services, or tools at work has become hopelessly complicated at even the most innovative companies in the world. Today, enterprises spend $120T+ per year globally (>30 times larger than annual consumer e-commerce spend) and rely on vendors more than ever before to run their businesses.
Our cofounders started Zip in 2020 to address this seemingly intractable problem with a purpose-built procurement platform that provides a simple, consumer-grade user experience. Within the last 4 years, Zip has created a new category and developed the leading solution in this $50B+ TAM space. Today, the world’s leading companies like OpenAI, Snowflake, Anthropic, Coinbase, and Prudential rely on Zip to manage billions of dollars in spend.
We have a world-class team coming from category-defining companies like Airbnb, Meta, Stripe, Salesforce, Apple, and Google. With a $2.2 billion valuation and $370 million in funding from Y Combinator, Tiger Global, BOND, DST Global, and CRV, we’re focused on developing cutting-edge technology, expanding into new global markets, and—above all–driving incredible value for our customers. Join us!
Your Role
The Security & Compliance team at Zip is committed to providing a high level of security assurance to customers, aligning security goals with business objectives and customer requirements. As a GRC Analyst at Zip, you’ll be a key driver for ensuring the success of compliance programs at a fast-growing company. Your contributions will be pivotal to the overall growth and competitive edge of Zip’s GRC program. You’ll ensure we can securely and compliantly build new features, help design and scale the compliance programs that power our expansion, from supporting new certifications to enabling secure AI development and entry into new markets like the EU and U.S. Federal sector.
You Will
Drive and perform periodic compliance-related activities, such as user access reviews, internal audits, and third party risk management
Develop, implement, and improve core compliance projects, such as leading security awareness training initiatives and helping drive adoption of best practices across the company
Curate responses for customer due diligence and security questionnaires and maintain our security knowledge base
Collaborate with internal stakeholders and external auditors to support third party audits including SOC 1, SOC 2, and ISO 27001
Develop, maintain, and lead the adoption of security policies, standards, and guidelines to ensure compliance with applicable regulatory requirements
Qualifications
Bachelor’s degree in a related field
2+ years of experience in GRC, information security consulting, cybersecurity risk, audits, or similar roles
Strong written and verbal communication skills with both technical and non-technical stakeholders
Familiarity with and participation in one or more of the following frameworks: ISO 27001, SOC 1, SOC 2, FedRAMP, PCI DSS
Familiarity with information security fundamentals for cloud software systems
Nice to Haves
Professional certifications in information security are a plus but not required
The salary range for this role is $95,000 - $150,000. The salary for this position is determined based on a variety of job-related factors that may include location, relevant experience, education, or particular skills and expertise.
Perks & Benefits
At Zip, we’re committed to providing our employees with everything they need to do their best work.
📈 Start-up equity
🦷 Full health, vision & dental coverage
🍽️ Catered lunches & dinners for SF employees
🚍 Commuter benefit
🚠 Team building events & happy hours
🌴 Flexible PTO
💻 Apple equipment plus home office budget
💸 401k plan
We're looking to hire Zipsters and that means hiring people who take ownership, communicate openly, have an underdog mindset, and are excited to increase the pace of innovation for every business in the world. We encourage all candidates to apply even if your experience doesn't exactly match up to our job description. We are committed to building a diverse and inclusive workspace where everyone (regardless of age, religion, ethnicity, gender, sexual orientation, and more) feels like they belong. We look forward to hearing from you!
Average salary estimate
If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.
Zip seeks an AI Agent Solutions Consultant, Legal to architect and deploy AI agents that automate contract workflows and scale legal team operations across enterprise customers.
Pilot Company is hiring an Associate General Counsel, Technology to lead negotiation and counseling on software, cloud, privacy, and cybersecurity matters in support of product and engineering teams.
EchoPark Automotive is hiring an organized Automotive Tag & Title Specialist to handle vehicle registrations, title transfers, payoff checks, and DMV document processing at our Chesterfield, MO store.
Experienced estate planning attorney sought for Huber Fox, P.C.'s Sacramento office to lead trusts, estates, probate, and elder law matters and expand client relationships.
Support Brooklyn prosecutors as a Paralegal by managing discovery, preparing felony case files, and coordinating evidence and documentation for criminal cases at the Kings County District Attorney’s Office.
CesiumAstro is hiring a Senior Export Compliance Administrator to lead export licensing, classification, and policy for aerospace programs while advising leadership and interfacing with U.S. government agencies.
UWM seeks an on-site Mortgage Servicing Consumer Response Coordinator in Pontiac to manage intake, investigation, and resolution of servicing complaints in compliance with regulatory requirements.
Bristol Myers Squibb is hiring an Associate Director, Tax Counsel in New York to lead international tax strategy, M&A integration, and cross-functional tax advisory work on a global scale.
The University of Arkansas is hiring an Equal Opportunity & Title IX Investigator to conduct impartial investigations and ensure compliance with civil rights and Title IX regulations on the Fayetteville campus.
A consumer-focused fintech is hiring an experienced Compliance Complaints Manager to lead regulatory complaint handling, drive remediation and reporting, and support senior compliance leadership.
Forbright Bank seeks a detail-oriented Senior Paralegal / Legal Operations Manager to run litigation and legal operations for the Solar Servicing team and streamline legal workflows across the organization.
Support a busy commercial litigation practice in Phoenix as a Practice Support Team Specialist handling document preparation, billing and intake, calendar coordination, and e-filing for assigned timekeepers.
Abramson Labor Group is hiring a Law and Motion Attorney experienced in civil litigation drafting and research to support employment and workers' compensation cases at our Burbank office.
Senior executive role responsible for directing Boyd Gaming’s enterprise compliance program, regulatory relationships, and internal control approvals across all jurisdictions.
Zip is a leading global financial services company, offering innovative, people-centred products that bring customers and merchants together. On a mission to be the first payment choice everywhere and every day, Zip offers point-of-sale credit and...
5 jobs
🔮
Hi, I'm Risa! Your AI Career Copilot
you, just ask me below!
