Senior Information Security GRC Analyst
Listed on 2025-12-17
IT/Tech
Cybersecurity, Information Security
Strength in Trust
OneTrust’s mission is to enable organizations to use data and AI responsibly. Our platform simplifies the collection of data with consent and preferences, automates the governance of data with integrated risk management across privacy, security, IT/tech, third‑party, and AI risk, and activates the responsible use of data by applying and enforcing data policies across the entire data estate and lifecycle.
OneTrust supports seamless collaboration between data teams and risk teams to drive rapid and trusted innovation. Recognized as a market pioneer and leader, OneTrust boasts over 300 patents and serves more than 14,000 customers globally, ranging from industry giants to small businesses.
We’re looking for a highly experienced Security Assurance Specialist to join our Information Security team at a fast‑paced SaaS company. This individual contributor role is ideal for someone who combines deep security expertise with strong communication skills and a collaborative mindset. You’ll play a critical role in supporting customer trust, mentoring junior staff, and ensuring our contractual and compliance obligations are met.
Your Mission
Customer & Partner Engagement
- Respond to complex security questionnaires and due diligence requests.
- Act as the primary representative for the company in customer meetings to address security posture, controls, and risk mitigation strategies.
- Perform customer audits on the OneTrust platform with minimal oversight.
- Translate technical security concepts into business‑friendly language.
- Act as the primary point of contact for Strategic & Enterprise customer escalations, driving timely resolution and preventing recurrence through post‑incident reviews and process improvements.
- Collaborate with Sales, Customer Success, and Legal to support security‑related aspects of deals and renewals.
- Review and provide input on contracts, data protection agreements, and other legal documents for security‑related terms.
- Partner with Legal and Commercial teams to negotiate and validate security terms.
- Collaborate with Legal, Sales, and Procurement teams to ensure alignment with internal security policies and external obligations.
- Mentor junior security assurance team members, providing guidance and support on best practices and professional development.
- Act as a go‑to resource for internal teams with security‑related questions or concerns.
- Create a charge‑back process against which customer audits can be billed.
- Maintain and improve documentation related to security assurance workflows.
- Identify opportunities to streamline and automate assurance processes.
- 5-10 years of experience in Information Security, with a focus on security assurance, risk management, or compliance in a SaaS environment.
- Experience mentoring and developing high performing teams, with a track record of elevating team capability and fostering a culture of excellence.
- Demonstrated ability to influence cross functional teams and drive organizational change in security, risk, and compliance domains.
- Proven success in driving programs that scale trust and security practices across large organizations.
- Proven ability to brief and influence executives and customers on trust, security, and compliance strategy.
- Strong understanding of security frameworks and standards (e.g., ISO 27001, SOC 2, NIST).
- Demonstrated ability to interpret and communicate technical security concepts to non‑technical audiences.
- Experience working cross‑functionally with Legal, Sales, Engineering, and Customer Success teams.
- Professional certifications such as CISA (Certified Information Systems Auditor) or CISM (Certified Information Security Manager).
- Familiarity with cloud platforms (e.g., AWS, Azure, GCP) and SaaS architecture.
- Understanding of privacy regulations (e.g., GDPR, CCPA) and their impact on SaaS operations.
For California, Colorado, Connecticut, Nevada, New York, Rhode Island, and Washington‑based candidates: the annual base pay range for this role is listed below.
$104,325 — $ USD
Where we Work
We are…