Governance, Risk & Compliance Analyst

About Apollo Apollo.io  combines a buyer database of over 250M contacts  and  powerful sales engagement and automation tools in one, easy to use platform. Trusted by over 160,000 companies including Autodesk, Rippling, Deel, Jasper.ai, Divvy, and Heap, Apollo has more than one million users globally. By helping sales professionals find their ideal buyers and intelligently automate outreach, Apollo helps go-to-market teams sell anything. In the last year, we’ve grown ARR 3x, quadrupled our active users, and closed a $110M Series C led by Sequoia Capital in March of 2022. This year, we continue to grow faster each month with record months of sales and added ARR. We hope you apply. Working at Apollo We are a remote-first inclusive organization focused on operational excellence.  Our way of working ensures clear expectations and an environment to do your best work with ample reward. About the role: The Governance, Risk & Compliance Analyst will be responsible for the running and improvement of Apollo’s risk and compliance program. They will implement continuous compliance tooling, integrating it with Apollo’s systems and manage the compliance programs for SOC 2 and ISO 27701. They will manage the company’s risk register and ensure that risks are tracked and remediated.  Daily Adventures & Responsibilities: Develop our risk management framework Own the risk register and keep it updated to present the company’s risk profile. Identify Key Risk Indicators and report on deviations. Partner with other teams to support them in identifying risks and their response. Continuously assess security measures in place for effectiveness thus highlighting deficiencies for remedial action.   Ensure compliance Identify, research, and assess compliance requirements for SOC2, ISO 27000, and other certifications. Develop the program and track projects to successfully meet goals. Operate and maintain a continuous compliance tool. Partner with internal teams to ensure alignment with compliance requirements. Gather evidence to demonstrate controls are in place. Design reports related to compliance monitoring and improvement activities to ensure compliance with security policies. Support sales with security requests   What We're Looking For: 5+ years of experience in information security with exposure to implementing or assessing security controls across all security domains such as access management, encryption methods, vulnerability management, network security, etc. 3+ years of experience supporting compliance programs within the technology space. Knowledge of implementing, managing, and auditing security & compliance regulation, standards, and frameworks (SOC, PCI DSS, ISO 27001, GDPR, ITIL, NIST, COBIT). Knowledge of cloud platforms such as AWS or GCP. Experience with developing security and compliance reporting for a variety of audiences, including executive management. Comprehensive knowledge of IT security technologies, threats, and vulnerabilities. Industry-related compliance, risk, or security management certification is preferred (CISA, CRISC, CISM, CISSP, ISO27000 Lead Auditor). Technical competence with automation and GRC tooling.     What You’ll Love About Apollo Besides the great compensation package and culture that thrives in openness and excellence, we invest tremendous effort into developing our remote employees’ careers. The team embraces that we have a sole purpose: to help customers maximize their full revenue potential on the Apollo platform. This mindset opens us up to a lot of creative approaches to making customers successful at scale. You’ll be a significant part of a lean, remote team, empowered to really own your role as a proactive educator. We’re very collaborative at Apollo, so you’ll be able to lean on your teammates, even in adjacent departments, to help you achieve lofty goals. You’ll be supported and encouraged to experiment and take educated risks that lead to big wins. And, you’ll have a whole team remotely by your side to help you do it!