Jobs · Legal · California

Senior Risk and Compliance Analyst

Mytra · Brisbane, CA · Yesterday
On-siteLegalFull-time

About the role

Serve as the primary operational liaison between Mytra and external security certification auditors for SOC 2 and ISO 27001, helping coordinate requests, timelines, evidence packages, and follow-ups.
Own audit evidence collection workflows, including gathering evidence from internal teams, checking evidence quality, organizing materials, tracking status, and delivering complete packages to auditors.
Serve as co-admin / co-owner of Mytra’s Vanta GRC platform, helping maintain system organization, evidence workflows, control mappings, user access coordination, and audit readiness activities.
Maintain transparency across security-related work by communicating tasks, risks, status, decisions, and updates to the Security team, Security Committee, and broader company audiences as appropriate.
Track major security initiatives and help ensure they remain on schedule by maintaining clear workback plans, surfacing blockers early, and coordinating with owners across functions.
Support customer security reviews for prospective and existing customers by coordinating responses, collecting accurate information, managing review artifacts, and helping ensure timely completion.

Responsibilities

Manage Security Committee operations, including pre-read material distribution, real-time meeting notes, committee organization tooling, recurring security activity tracking, and follow-through on personal and distributed tasks.
Perform third-party security reviews for prospective vendor partners, including intake, questionnaire review, evidence assessment, risk documentation, and recommendation preparation.
Manage recurring security policy updates so policies remain current, accurate, and aligned with company standards, security commitments, and evolving compliance needs.
Interview Mytra staff to understand real operating procedures, document pertinent processes, and integrate those procedures into the security policy and procedure stack.
Research potential new security tooling, compare options across multiple vendors, and provide clear summaries of tradeoffs, costs, risks, implementation considerations, and recommendations.
Schedule and coordinate security-related meetings with internal and external stakeholders, ensuring the right people, materials, context, and follow-ups are in place.

Requirements

Have experience in security, compliance, risk management, GRC, audit readiness, vendor risk, customer security reviews, or a related operational role.
Understand the basics of SOC 2, ISO 27001, security policies, audit evidence, control ownership, and compliance documentation, with a desire to deepen expertise over time.
Be highly organized and can manage multiple recurring activities, deadlines, requests, meetings, and follow-ups without losing details.
Communicate clearly and proactively with internal teams, external auditors, vendors, and customers, translating security and compliance needs into practical next steps.
Exercise sound judgment within defined procedures and know when to escalate ambiguity, risk, blockers, or decisions that require security leadership input.
Build productive working relationships across functions and are comfortable interviewing staff, asking precise questions, and turning operational knowledge into clear written procedures.
Be detail-oriented and quality-minded, especially when reviewing evidence, updating policies, preparing auditor materials, or responding to customer and vendor security requests.
Be comfortable operating in a fast-paced startup environment where processes are evolving and strong documentation, ownership, and follow-through matter.
Have strong written communication skills and can produce clear, structured documentation for policies, procedures, meeting notes, task trackers, review summaries, and decision records.
Demonstrate a collaborative, team-first mindset with the confidence to ask questions, raise concerns early, and help create visibility across the security program.

Qualifications

Nice to have:

  • Experience supporting SOC 2, ISO 27001, or similar security certification programs.
  • Familiarity with GRC tools, ticketing systems, knowledge bases, vendor review platforms, or audit evidence management workflows.
  • Experience coordinating committees, governance forums, recurring compliance activities, or cross-functional operating cadences.
  • Prior exposure to customer security questionnaires, vendor due diligence, risk registers, control testing, or policy lifecycle management.
  • Experience researching and comparing security tools across multiple vendors and presenting practical recommendations to technical and non-technical stakeholders.
  • Interest in robotics, industrial automation, hardware/software systems, supply chain technology, or security for complex electro-mechanical systems.

Skills

Strong written communication skills and ability to produce clear, structured documentation for policies, procedures, meeting notes, task trackers, review summaries, and decision records.

Benefits

Competitive compensation and equity grants at a high-growth company backed by top-tier VCs
Fully subsidized health coverage, including medical (baseline plans), dental, and vision for employees and dependents
401(k) plans and employer-subsidized life insurance
Generous PTO and company-paid holidays, including one week over the winter break so everyone can recharge together
Voluntary pet insurance, Voluntary Life Insurance, Accident, Critical Illness, and Hospital Indemnity
Fully subsidized tax advisory services and education to help you understand your equity
Commuter benefits, including a up to $150 monthly commuter benefit
Lively, modern combined office and lab space where we rapidly iterate through design, build, and test phases
Fully equipped onsite gym and showers at headquarters

Pay

The Pay Range For This Role Is 145,000 - 160,000 USD per year(Mytra, Inc.)

Similar jobs

Senior Compliance Analyst

Allspring Global InvestmentsMilwaukee, WI· 2 wk ago
Legal$85k–$100k/yrapply on careers-allspringglobal.icims.com