Senior GRC Analyst

· Remote

Location

Remote

Type

Full Time

Job Description

DigitalOceanJobs
Senior GRC Analyst

Senior GRC Analyst

Reposted 14 Hours Ago
Seattle WA USA
In-Office
140K-165K Annually
Senior level
Artificial Intelligence • Cloud • Software • Infrastructure as a Service (IaaS)
DigitalOcean is the Inference Cloud built for production AI.
The Role
Lead the design and implementation of an integrated ISO-focused compliance program expand product-level certification scope run risk assessments and remediation author security policies design engineering-friendly controls manage cross-functional compliance projects support incident response and customer compliance inquiries and serve as the GRC subject-matter expert to mature SOC 2 HIPAA and multiple ISO standards.
Summary Generated by Built In

Dive in and do the best work of your career at DigitalOcean. Journey alongside a strong community of top talent who are relentless in their drive to build the simplest scalable cloud. If you have a growth mindset naturally like to think big and bold and are energized by the fast-paced environment of a true industry disruptor you’ll find your place here.  We value winning together—while learning having fun and making a profound difference for the dreamers and builders in the world. 

We’re looking for a Senior GRC Analyst to serve as the primary architect for our expanding ISO ecosystem.

As a Senior GRC Analyst at DigitalOcean you will lead the strategic maturation of DigitalOcean’s compliance framework to include multiple ISO standards such as ISO 27001 ISO 27017 and ISO 22301. You will also lead maturation efforts concerning the existing compliance program which includes; but is not limited to SOC 2 and HIPAA. You will be a builder who understands the importance of balancing compliance with engineering velocity collaborating directly with engineering and product teams to integrate compliance into existing workflows. You will partner with teams throughout the organization to weave applicable controls into the fabric of our operations ensuring DigitalOcean remains a trusted platform for our customers. This role reports to the Manager of GRC within the Security organization.

What You’ll Do:
  • Multi-Standard Strategy: Architect and lead the implementation of an Integrated Management System (IMS) that harmonizes requirements across multiple ISO standards.
  • Compliance Scope Expansion: Manage cross-functional projects required to achieve and maintain product-level compliance certifications and/or eligibility for DigitalOcean’s core and emerging cloud services.
  • Risk Governance: Lead both annual and ad-hoc risk assessments; maintain a dynamic risk register and drive cross-functional remediation for identified gaps.
  • Control Innovation: Design and implement controls which meet rigorous standards without sacrificing velocity.
  • Policy: Author and maintain enterprise-level security policies standards and procedures that reflect current regulatory landscapes internal risk appetite and operational engineering realities.
  • Operational Responsiveness & Customer Trust: Act as a subject matter expert in GRC on-call rotations directly address complex customer inquiries and support incident response activities to ensure compliance obligations are met under pressure.
What You’ll Add to DigitalOcean:
  • Expertise: You have 5+ years of experience in GRC with a proven track record of leading multi-certification and multi-standard compliance programs preferably at a technology company where you directly partnered with engineering or infrastructure teams.
  • Program Maturity: You have experience building maturing and expanding the influence of an ISO program.
  • Risk Lifecycle Management: You have experience in risk identification various risk assessment methodologies discerning between appropriate risk responses and monitoring risk treatment plans.
  • Navigating Ambiguity: You are comfortable working cross-functionally to interpret ambiguity within new standards (e.g. ISO 42001) regulations and legislation.
  • Influence: You have the ability to translate complex legal and regulatory requirements into actionable testable controls for engineering product and IT teams.
  • Project Management: You have strong project management skills and the ability to manage complex multi-quarter roadmaps involving dozens of stakeholders
Nice to Have:
  • Certifications: Relevant industry certifications such as a CRISC or ISO 27001 Lead Implementer
  • Privacy Knowledge: Familiarity with prominent privacy legislation (e.g. GDPR/CCPA) as it relates to ISO 27701
Compensation Range: 
  • $140000-$165000

*This is a hybrid role

JR: 2026-8012

#LI-Hybrid

Why You’ll Like Working for DigitalOcean
  • We innovate with purpose. You’ll be a part of a cutting-edge technology company with an upward trajectory who are proud to simplify cloud and AI so builders can spend more time creating software that changes the world. As a member of the team you will be a Shark who thinks big bold and scrappy like an owner with a bias for action and a powerful sense of responsibility for customers products employees and decisions.
  • We prioritize career development. At DO you’ll do the best work of your career. You will work with some of the smartest and most interesting people in the industry. We are a high-performance organization that will always challenge you to think big. Our organizational development team will provide you with resources to ensure you keep growing. We provide employees with reimbursement for relevant conferences training and education. All employees have access to LinkedIn Learning's 10000+ courses to support their continued growth and development.
  • We care about your well-being. Regardless of your location we will provide you with a competitive array of benefits to support you from our Employee Assistance Program to Local Employee Meetups to flexible time off policy to name a few. While the philosophy around our benefits is the same worldwide specific benefits may vary based on local regulations and preferences.
  • We reward our employees. The salary range for this position is based on market data relevant years of experience and skills. You may qualify for a bonus in addition to base salary; bonus amounts are determined based on company and individual performance. We also provide equity compensation to eligible employees including equity grants upon hire and the option to participate in our Employee Stock Purchase Program.
  • DigitalOcean is an equal-opportunity employer. We do not discriminate on the basis of race religion color ancestry national origin caste sex sexual orientation gender gender identity or expression age disability medical condition pregnancy genetic makeup marital status or military service.

Application Limit: You may apply to a maximum of 3 positions within any 180-day period. This policy promotes better role-candidate matching and encourages thoughtful applications where your qualifications align most strongly.

Skills Required

  • 5+ years of experience in GRC leading multi-certification and multi-standard compliance programs preferably at a technology company
  • Experience building maturing and expanding an ISO program (e.g. ISO 27001 ISO 27017 ISO 22301)
  • Risk identification and lifecycle management experience including running risk assessments and maintaining a risk register
  • Ability to translate legal and regulatory requirements into actionable testable controls for engineering product and IT teams
  • Strong project management skills managing complex multi-quarter roadmaps with many stakeholders
  • Authoring and maintaining enterprise-level security policies standards and procedures
  • Support incident response activities and address complex customer compliance inquiries as a GRC SME
  • Relevant industry certifications such as CRISC or ISO 27001 Lead Implementer
  • Familiarity with privacy legislation (e.g. GDPR CCPA) as it relates to ISO 27701

What the Team is Saying

DigitalOcean Compensation & Benefits Highlights

  • Healthcare StrengthHealth coverage is described as market‑leading across medical dental vision and mental‑health with company‑paid life and income‑protection. This positions core healthcare and protection benefits as a standout element of the package.
  • Parental & Family SupportParental leave is characterized as above‑average frequently highlighted alongside a phased return‑to‑work program. This indicates strong support for new parents beyond baseline policies.
  • Equity Value & AccessibilityThe package includes recurring equity grants and access to an Employee Stock Purchase Plan. This provides meaningful ownership opportunities alongside cash compensation.

DigitalOcean Insights

Am I A Good Fit?
beta
Expert contributor network
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Broomfield CO
1400 Employees
Year Founded: 2012

What We Do

DigitalOcean is the Inference Cloud — a full-stack production-ready cloud platform built to run AI applications with predictable performance sustainable economics and radically simpler operations at scale. We are built for teams turning AI into real products — not just training models. Our advantage is not fewer features but fewer failure modes when operating AI at scale — combining minimal operational overhead predictable cost efficiency and a full-stack cloud that works as a system. Hyperscalers are broad by design. Neoclouds are infrastructure-first. DigitalOcean is inference-first — with a real cloud underneath. It combines inference-optimized compute managed inference software and integrated cloud capabilities that reduce operational burden for teams running real workloads. Inference is the foundation—not the boundary. Everything else builds on top of it.

Why Work With Us

At DO we do career-defining work. We innovate with AI and build cutting-edge tech. Our rewards to match that intensity - to motivate you recognize your impact and give you what you need to thrive. If you have a growth mindset like to think big and bold and are energized by the fast-paced environment you'll find your place here.

Gallery

DigitalOcean Offices

Remote Workspace

Employees work remotely.

We commit to both remote work and in-person collaboration. These ways of working are dependent on specific roles and are mutually agreed upon by employees. In the US we are mainly remote. In our APAC locations we have a hybrid in-office approach.

Typical time on-site:
Company Office Image
HQBroomfield CO
Company Office Image
Seattle WA
Company Office Image
Hyderabad Telangana
Learn more

Similar Jobs

DigitalOcean

Senior Engineering Manager

Artificial Intelligence • Cloud • Software • Infrastructure as a Service (IaaS)
In-Office
Seattle WA USA
1400 Employees
201K-251K Annually

DigitalOcean

Technical Account Manager

Artificial Intelligence • Cloud • Software • Infrastructure as a Service (IaaS)
In-Office
Seattle WA USA
1400 Employees
141K-176K Annually

DigitalOcean

Cloud Operations Administrator - II

Artificial Intelligence • Cloud • Software • Infrastructure as a Service (IaaS)
In-Office
Seattle WA USA
1400 Employees
107K-134K Annually

DigitalOcean

Senior Global Benefits Manager

Artificial Intelligence • Cloud • Software • Infrastructure as a Service (IaaS)
In-Office
Seattle WA USA
1400 Employees
116K-145K Annually
Apply Now

Date Posted

07/08/2026

Views

0

Back to Job Listings Add To Job List Company Profile View Company Reviews
Neutral
Subjectivity Score: 0
142,000+ Jobs Tracked
12,400+ Companies
1,930 Categories