Senior Governance, Risk & Compliance (GRC) Analyst

· Remote

Location

Remote

Type

Full Time

Job Description

Boston, MA, USA
Hybrid
Senior level
Artificial Intelligence • Big Data • Cloud • Security • Software • Cybersecurity • Infrastructure as a Service (IaaS)
Nasuni is the unstructured data foundation for enterprise teams and AI, powering where work happens.
The Role
The Senior GRC Analyst will lead audit and compliance initiatives, manage risk assessments, oversee policy development, and drive automation across GRC operations.
Summary Generated by Built In

Location: Boston/Marlborough Hybrid (3 days) or Remote US

Role Overview

Nasuni is seeking a Senior GRC Analyst to strengthen and scale our governance, risk, and compliance programs across a fast-growing, AI-ready SaaS platform. This role owns critical audit, risk, and policy initiatives that directly impact customer trust, regulatory posture, and business scalability.

You’ll operate at the intersection of security, engineering, legal, and operations—ensuring our controls are effective, auditable, and continuously improving.

This role is ideal for someone who has led audit and risk programs end-to-end, not just supported them, and who is motivated to modernize GRC through automation and intelligent tooling.

Level & Scope Definition

  • Owns execution and continuous improvement of core GRC programs
  • Operates independently across multiple compliance frameworks
  • Influences cross-functional stakeholders without direct authority
  • Balances execution (audits, controls) with program optimization
  • Contributes to scalable, automation-driven GRC operations

Responsibilities

Audit & Compliance

  • Lead SOC 1, SOC 2, ISO 27001 audits end-to-end (planning → evidence → remediation)
  • Partner with auditors and internal teams to ensure timely, accurate audit delivery
  • Track and drive remediation of control gaps with accountable owners

Policy & Governance

  • Own lifecycle of security policies, standards, and control documentation
  • Align policies to evolving regulatory and business requirements
  • Facilitate cross-functional policy reviews and approvals

Enterprise Risk Management

  • Conduct enterprise risk assessments and maintain risk register
  • Partner with business leaders to prioritize and mitigate risk
  • Deliver risk insights and reporting to leadership for decision-making

Third-Party Risk Management

  • Own vendor risk assessments, onboarding, and periodic reviews
  • Build scalable due diligence and monitoring processes
  • Partner with procurement and legal on vendor risk decisions

Security Awareness

  • Lead security awareness and training programs (phishing, compliance training)
  • Measure effectiveness and continuously improve engagement

GRC Operations & AI Enablement

  • Manage GRC platforms (e.g., Vanta, Drata, OneTrust)
  • Identify and implement automation opportunities in evidence collection, risk tracking, and reporting
  • Leverage AI tools to improve control monitoring, audit readiness, and workflow efficiency

Qualifications

Must-Have

  • 5–9 years in GRC, security compliance, or risk within SaaS/cloud environments
  • Direct ownership of SOC 2 and/or ISO 27001 audits
  • Experience managing control frameworks and audit evidence lifecycle
  • Strong understanding of risk assessment methodologies
  • Proven ability to drive remediation across cross-functional teams

Preferred

  • Experience with third-party risk programs
  • Familiarity with GRC tools (Vanta, Drata, LogicGate, OneTrust)
  • Experience in high-growth SaaS or PE-backed environments

Ideal

  • Certifications: CISA, CISM, CISSP, CRISC, ISO 27001 Lead
  • Experience scaling GRC programs or implementing automation
  • Exposure to HIPAA, GDPR, or NIST frameworks

Experience Guidelines

  • 5–9 years total experience
  • 2+ years directly owning audits or compliance programs
  • Experience operating in environments with multiple concurrent audits

About Nasuni & Why Work Here (US Boston/Marlborough / Remote)

Nasuni is the unstructured data foundation for enterprise teams—and the AI that supports them. As a Vista-backed SaaS data infrastructure company, we help organizations manage, protect, and activate massive volumes of file data—transforming it into secure, AI-ready assets for innovation and growth.

Our unified File Data Platform eliminates infrastructure silos and enables global collaboration, resilience, and intelligent automation at scale.

At Nasuni, you’ll work at the intersection of cloud, security, and AI—solving complex challenges alongside a team that values ownership, innovation, and impact. Whether based remotely or in our Boston-area offices, you’ll contribute to a platform trusted by enterprises worldwide while growing your expertise in modern, AI-enabled data infrastructure.

Why work at Nasuni?

As part of our commitment to your well-being, we are pleased to offer comprehensive benefits packages to employees across the US. Benefits packages generally include:

  • Best in class employee onboarding and training
  • “Take What You Need” paid time off policy
  • Comprehensive health, dental, and vision plans
  • Company-paid life and disability insurance 
  • 401(k) and Roth IRA retirement plan 
  • Generous employee referral bonuses 
  • Flexible remote work policy 
  • 10 Paid Holidays 
  • Wide array of wellbeing offerings 
  • Pre-tax savings accounts with company contributions 
  • Great team culture and social activities 
  • Collaborative workspaces 
  • Free on-site fitness centers and stocked kitchens in select office locations 
  • Professional development resources 

Compensation Transparency: 

In accordance with U.S. pay transparency laws, Nasuni is committed to providing visibility into compensation for all U.S.-based roles. Click HERE to view our compensation ranges by job grade. Actual compensation will be based on a variety of factors, including a candidate’s experience, skills, education, and work location.

To all recruitment agencies: Nasuni does not accept agency resumes. Please do not forward resumes to our job boards, Nasuni employees, or any other company location. Nasuni is not responsible for any fees related to unsolicited resumes.

Nasuni is an equal opportunity employer. The equal employment opportunity policy at Nasuni protects employees and job applicants from discrimination on the bases of race, religion, color, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, or other non-merit based factors. These protections extend to all management practices and decisions, including recruitment and hiring practices, appraisal systems, promotions, and training and career development programs.

This privacy notice relates to information collected (whether online or offline) by Nasuni Corporation and our corporate affiliates (collectively “Nasuni”) from or about you in your capacity as a Nasuni employee, independent contractor/service provider, or as an applicant for an employment or contractor relationship with Nasuni.

Nasuni Compensation & Benefits Highlights

  • Leave & Time Off Breadth: The package is described as “take‑what‑you‑need” or generous PTO with paid holidays, sick time, and paid volunteer time. This breadth positions time away as easy to access across different needs.
  • Healthcare Strength: Offerings include comprehensive medical, dental, and vision coverage with HSA/FSA options, plus disability and life insurance, EAP, wellness and fitness reimbursements, and pet insurance. These components indicate broad health protection and supportive wellness resources.
  • Flexible Benefits: Flexible schedules and hybrid/remote work options are emphasized, allowing employees to combine remote and on‑site work as fits their role and life. This flexibility supports work‑life integration across locations.

The Company
HQ: Boston, MA
550 Employees
Year Founded: 2009

What We Do

Nasuni is a leading unstructured data platform for enterprises where file data is mission-critical for both people and AI. We power the operational file layer where work happens — helping organizations manage, protect, and activate data so teams can work smarter, reduce costs, and operate securely without limits. Built on a patented architecture that fuses cloud object storage with enterprise file services — including permissions, versioning, and a global namespace — Nasuni delivers high-performance file access, global data availability, and a scalable, governed, AI-ready single source of truth across every major cloud. Trusted by more than 1300 enterprises globally, Nasuni helps organizations modernize file infrastructure, strengthen data security, and support AI-driven operations. Learn more at www.nasuni.com.

Why Work With Us

We’re scaling up our people, our products, and our ecosystem. We’re not just building better technology. Nasuni is successful because we focus on taking care of our employees, nurturing talent, ensuring quality for our customers, maintaining a healthy balance sheet, and yes, always improving our technology.

Nasuni Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Our hybrid and remote work policy allows our team to source top talent and let them decide how and where they work best.

Typical time on-site: Flexible
HQ: Boston, MA
Cary, NC
Cork Innovation Center
India Innovation Center
London, GB
Marlborough, MA


Date Posted

05/08/2026
