GRC Analyst

GRC Analyst, IT Support (Remote)

Full-Time, Remote / Salary, Exempt

Includes Exceptional Benefits, Flexible PTO, Flexible Schedule, Equity

Steno is growing! We’re looking for a GRC Analyst to join our winning team, which is revolutionizing the court reporting industry every single day. We’re a diverse team from all over the country (and beyond), and we’re crazy about redefining the boundaries of an outdated industry.

In this role, you will be instrumental in supporting the organization's governance, risk, and compliance programs. Working in a remote environment, you'll take on a variety of responsibilities focused on assessments, documentation, and compliance monitoring. Your contributions will help ensure that our organization maintains strong governance practices, identifies and manages risks effectively, and remains compliant with all relevant regulations and standards. You'll work collaboratively with cross-functional teams to implement and maintain compliance frameworks, document processes, and monitor ongoing adherence to company policies and external requirements.

Who are you?

We’re looking for a GRC Analyst with experience in security compliance within a remote-first, technology-focused organization. You've helped build core compliance processes and policies in a growing company and understand what it takes to scale compliance programs effectively. Beyond technical expertise, you're a self-directed professional with strong project management abilities who can handle multiple projects simultaneously, communicate clearly through documentation, and demonstrate the patience and persistence needed to see compliance tasks through. You take confidentiality seriously and can be trusted with sensitive compliance matters.

If you’re looking for a company that offers support, guidance, an abundance of killer giphys, and unlimited potential to grow into your best self, you can bet we’d love to have you too. 

On a regular basis you will 

• Demonstrate a strong understanding of control frameworks and compliance requirements in your day-to-day work
• Apply your strong understanding of the SOC2 audit process and reporting requirements to support organizational compliance efforts
• Utilize proficiency with documentation tools and evidence management systems to maintain organized compliance records
• Work with vendor assessment questionnaires (VSAQ, SIG, CAIQ) to evaluate third-party security postures
• Leverage data analysis skills for tracking compliance metrics and trends to inform decision-making
• Apply a detail-oriented approach to policy documentation and procedure writing to ensure accuracy and clarity
• Coordinate audit activities across distributed teams to keep projects on track and ensure alignment
• Conduct research to stay current with regulatory changes and evolving compliance landscapes
• Embrace a process improvement mindset for enhancing compliance workflows and operational efficiency
• Utilize strong data gathering skills and problem-solving abilities to adapt to novel challenges as they arise
• Employ strong organizational skills and create templates/forms to gather Business Impact Analysis and Third Party Risk information from other departments

You’re gonna crush it if

• You have 3 to 5 years of experience in a security compliance role
• You have experience participating in SOC2 audit compliance and controls management
• You have experience participating in a formal risk management program
• You have experience performing Business Impact Analysis activities
• You have experience performing third-party vendor risk audits

Compensation & Benefits

• Salary - $100,000 - $120,000
• Health, Vision, & Dental Benefits - low-cost health plans that free up mind space and unlock our employees' best work 
• Wellness/Mental Health - shared benefits to be used among employees and families
• Flexible Paid Time Off - allowing employees to find balance in their lives
• Options of Equity - we know our success is nothing without our team
• Access to a company-provided 401(k) account 
• A home office setup and a monthly stipend to offset internet and phone costs 

Our Team 

Steno’s IT, Engineering & Product teams are a highly reliable, constantly innovative group. We work hand in hand with Product and Design to execute new ideas and solutions. 

Our team is also humble, and each individual recognizes that no one or one system is perfect; we see errors as an opportunity for improvement! 

About Steno

• Founded in 2018 and growing fast!
• Values: be highly reliable, constantly innovate, operate with a hospitality mindset
• Diverse backgrounds welcome! Steno employees have a unique blend of legal, technology, operations, and finance experience
• We are revolutionizing the litigation and court reporting industry
• • Flexible deferred payment options (e.g., DelayPay)
  • Cutting-edge technology - unique products and integrations to maximize the output of legal professionals
  • White glove, concierge customer service that our clients rave about

Application Information

• Steno is an equal opportunity employer and does not discriminate based on any characteristics that are protected under the law. All employment decisions are based on qualifications, merit, and business needs.
• Applicants needing special assistance or accommodations for interviews or website access should contact us at [email protected]. 
• Steno personnel will always have either a steno.com email address or will contact you via Rippling Recruiting. Act with caution if asked for personal information. Background checks, for example, are only conducted after an offer is extended.
• Applicants should receive a confirmation email immediately after applying. If you haven’t received it, check your email spam folder and approve the sender address to ensure receipt of future communications. 

• Information provided to Steno, such as professional credentials and skills, educational and work history, the results of technical skills assessments or working exercises, and other information that may be included on a resume or application, is collected and stored in our system. Still, we never disclose or sell your personal information.