Governance, Risk, and Compliance Analyst

You.com · 4h ago
United States · Hybrid · $150K–$180K · Full-time · Mid Level · 3+ yrs exp

Top focus

Compliance Officer
  • About Us
  • At You.com, we are building the AI Search Infrastructure that powers modern AI systems. Our goal is to create the trusted knowledge layer that agents, applications, and enterprises rely on to retrieve real-time, accurate, and citation-backed information.
  • Our platform combines proprietary vertical indexes with LLM-optimized retrieval systems to power AI agents, applications, and enterprise workflows. We are solving hard problems across search, large language models, and large-scale infrastructure to make AI systems more reliable, transparent
  • Our team includes engineers, researchers, product builders, and operators who care about solving meaningful problems and delivering real-world impact. Whether you are improving core infrastructure, shaping product experiences, or helping bring new AI capabilities to market, your work will help define how modern AI finds and uses knowledge.
  • The Role
  • We're looking for a GRC Analyst to join our growing Security, IT, and Privacy function. You'll be the backbone of all the compliance work at the intersection of Engineering, Legal, and Product. This role will build and maintain the compliance programs as part of the security team. Our goal is simple: earn and keep the trust of our customers. The right person translates security and risk into terms that the business and product teams can act on.
  • Key Responsibilities
  • Own and manage compliance programs across frameworks including SOC 2, ISO 27001, GDPR, CCPA, HIPAA, and FedRAMP
  • Coordinate audit activities end-to-end: evidence collection, documentation, auditor responses, and remediation tracking
  • Leverage AI and other tools to deliver metrics that stakeholders can consume and understand
  • Conduct vendor and third-party risk assessments; manage the due diligence lifecycle for new and existing partners
  • Help manage security and risk reviews (e.g. DDQs, VSQs) as part of the procurement process in collaboration with the Legal, Finance, and Security teams
  • Assist with building and maintaining compliance policies, procedures, and supporting documentation for security and compliance
  • Translate regulatory and contractual requirements into actionable controls and processes
  • Monitor the evolving regulatory landscape (especially AI-specific regulations) and flag relevant obligations
  • Support Privacy-by-Design reviews for new product features and data practices
  • Track open compliance items and proactively drive them to closure across stakeholders
  • Requirements
  • 3–5 years of experience in GRC, Information Security compliance, or a related field
  • Hands-on experience with SOC 2 or ISO 27001 audits, including evidence collection and gap assessments
  • Familiarity with privacy regulations: GDPR, CCPA, and ideally emerging AI regulatory frameworks (EU AI Act, etc.)
  • Experience managing vendor risk assessments and third-party due diligence processes
  • Strong written and verbal communication skills. You can explain compliance requirements to engineers and legal concepts to product managers
  • Highly organized, able to manage multiple workstreams and deadlines without dropping the ball
  • Comfortable working independently in a fast-paced environment with limited process overhead
  • Leverage AI to help build automation and data analysis workflows for reporting and tracking
  • Bonus points for:
  • Experience at an AI or search company
  • Familiarity with data broker or data licensing compliance
  • CISA, CISM, or CRISC
  • Our salary bands are structured based on a combination of geographic tiers and internal leveling. Compensation is determined by multiple factors assessed during the interview process, with the final offer reflecting these considerations.
  • Salary Band
  • $150,000 — $180,000 USD
  • Company Perks:
  • Hubs in San Francisco and New York City offering regular in-person gatherings and co-working sessions
  • Flexible PTO with U.S. holidays observed and a week shutdown in December to rest and recharge*
  • A competitive health insurance plan covers 100% of the policyholder and 75% for dependents*
  • 12 weeks of paid parental leave in the US*
  • 401k program, 3% match - vested immediately!*
  • $500 work-from-home stipend to be used within a year of your start date*
  • $600 technology stipend to support a portion of our hybrid/remote team's cell phone and internet expenses*
  • $1,200 per year Health & Wellness Allowance to support your personal goals*
  • The chance to collaborate with a team at the forefront of AI research
  • *Certain perks and benefits are limited to full-time employees only
  • You.com participates in E-Verify. We will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee’s Form I-9 to confirm work authorization. (English/Spanish: E-Verify Participation / Right to Work)
  • We are also an inclusive, equitable, and accessible workplace. Please let us know if you require accommodation for any portion of the recruitment and hiring process.
  • Beware of recruiting scams: You.com will only contact you through official @You.com email addresses and will never ask for payment or sensitive personal information during the hiring process.

Required skills

GRC, Information Security, SOC 2, ISO 27001, GDPR, CCPA, vendor risk assessments, data analysis, automation
Posted on JobRush — the end-to-end AI job-search platform.