GRC Analyst

At Miro, the Security Stream is dedicated to fostering business growth and enduring customer trust by implementing advanced security measures. They develop balanced security strategies, providing assurance and empowering engineering teams with the necessary tools and guidance. This support covers secure cloud management, establishing secure development practices, and effectively detecting and mitigating security incidents.
A key part of this is the Trust & Information Security Team, which concentrates on maintaining the highest information security standards to safeguard the data and privacy of Miro's customers, employees, and stakeholders. This team manages business risks, ensures adherence to legal and regulatory requirements, and promotes a culture of security awareness. Additionally, they act as trusted compliance advisors to the Go-To-Market (GTM) teams, helping to enable and speed up strategic sales initiatives.

About the Role

We are seeking a highly knowledgeable and customer-centric Compliance Customer Success Manager (CSM) to serve as a primary resource for our customers navigating the complexities of cybersecurity and AI governance frameworks. This role is pivotal in ensuring our customers receive accurate, clear, and timely answers to their questions regarding NIST (CSF, 800-53, etc.), SOC2 (Type 1 & 2), ISO 27001, and the emerging ISO 42001 standard. The ideal candidate possesses deep subject matter expertise in these frameworks combined with exceptional communication skills to act as a trusted advisor. You will be instrumental in building customer confidence, fostering strong relationships, and ensuring customers feel supported in their compliance journey.

What you'll do

• Compliance Subject Matter Expert: Serve as the go-to expert for customer inquiries related to the interpretation, requirements, and best practices of NIST, SOC2, ISO 27001, and ISO 42001 frameworks
• Query Resolution: Directly address and resolve customer questions regarding these compliance standards, ensuring accuracy and clarity in all communications (email, calls, support tickets)
• Contextual Understanding: Understand the customer's business context and how their compliance questions relate to their use of our products/services or their broader GRC strategy
• Information Dissemination: Clearly articulate complex compliance concepts to both technical and non-technical customer stakeholders
• Relationship Building: Build trust and rapport with customers through reliable and expert handling of their compliance inquiries
• Internal Collaboration: Work closely with Support, Product, and Sales teams to ensure consistent and accurate messaging regarding compliance topics. Provide internal training or resources as needed
• Knowledge Management: Document common compliance questions and answers, contributing to internal knowledge bases and potentially customer-facing FAQs or documentation
• Stay Current: Continuously monitor changes and updates to relevant compliance frameworks and industry best practices
• Customer Advocacy: Relay customer feedback and frequently asked questions related to compliance back to internal teams to inform product development and service improvements
• Support Customer Success Goals: Contribute to overall customer retention and satisfaction by providing exceptional compliance-focused support

What you'll need

• Proven experience (typically 3-5+ years) in a GRC, cybersecurity consulting, internal audit, compliance management, or technical support role with a strong focus on specific frameworks
• Deep, demonstrable understanding and practical knowledge ofNIST frameworks (e.g., Cybersecurity Framework, NIST SP 800-53). Must be able to explain core concepts and requirements accurately
• Deep, demonstrable understanding and practical knowledge ofSOC2 (Trust Services Criteria - Security, Availability, Confidentiality, Processing Integrity, Privacy). Must be able to explain criteria and audit concepts accurately
• Deep, demonstrable understanding and practical knowledge ofISO 27001 (Information Security Management Systems). Must be able to explain the ISMS structure, risk assessment process, and Annex A controls accurately
• Strong familiarity and understanding ofISO 42001 (Artificial Intelligence Management Systems) and its core principles/requirements. Must be able to discuss its objectives and key components
• Exceptional communication skills (written and verbal), with a proven ability to explain complex technical and compliance concepts clearly, accurately, and patiently
• Excellent research and analytical skills; ability to find and verify accurate information regarding compliance standards
• Strong customer service orientation and interpersonal skills
• Ability to manage multiple inquiries simultaneously and prioritize effectively
• Bachelor's degree in Information Technology, Cybersecurity, Law, or a related field, OR equivalent practical experience demonstrating deep compliance expertise.

What's in it for you

• Competitive equity package
• Health insurance for you and your family
• Lunch, snacks and drinks provided in the office
• Wellbeing benefit and WFH equipment allowance
• Annual learning and development allowance to grow your skills and career
• Opportunity to work for a globally diverse team

About Miro

Miro is a visual workspace for innovation that enables distributed teams of any size to build the next big thing. The platform's infinite canvas enables teams to lead engaging workshops and meetings, design products, brainstorm ideas, and more. Miro, co-headquartered in San Francisco and Amsterdam, serves more than 90M users worldwide, including 99% of the Fortune 100. Miro was founded in 2011 and currently has more than 1,600 employees in 12 hubs around the world.

We are a team of dreamers. We look for individuals who dream big, work hard, and above all stay humble. Collaboration is at the heart of what we do and through our work together we hope to create a supportive, welcoming, and innovative environment. We strive to play as a team to win the world and create a better version of ourselves every day. If this sounds like something that excites you, we want to hear from you!

At Miro, we strive to create and foster an environment of belonging and collaboration across cultural differences. Miro's mission - Empower teams to create the next big thing - is how we think about our product, people, and culture. We believe that creating big things requires diverse and inclusive teams. Diversity invites all talent with different demography, identities and styles to step in , and inclusion invites them to step closer together. Every day, we are working to build a more diverse Miro, cultivate a sense of belonging for future and current Mironeers around the world, and foster an environment where everyone can collaborate and embrace differences.

Resume/CV

Resume/CV

Attach File types: pdf, doc, docx, txt, rtf
File size: max 2MB

Cover Letter

Attach File types: pdf, doc, docx, txt, rtf
File size: max 2MB

LinkedIn Profile

Website (please include password if necessary)

Will you now or in the future require visa sponsorship for employment with Miro?

What is it about Miro that makes you interested in joining the team?

Why do you feel you would be well suited for this role?

By submitting my application I agree that my data is being stored and processed.

_JobID

A 30-min interview to discuss your relevant skills, perspective on resilience, experience, and what motivates you to join Miro.

02. Hiring Manager

The hiring manager will meet to discuss your experience and fit for the role by assessing whether you align with the Miro Mindset (Curiosity, Drive, Resilience, Empathy, Cognitive Agility & Accountability). This interview usually takes 90-120 minutes.

03. Skill Assesment

An interactive presentation to see your skills in action, based around a particular case study or business problem.

04. Meet the Team

Here you will meet cross-functional stakeholders, and we will ask evidence-based questions to evaluate how well you align with the role and Miro's values and culture.

Meet a member of the leadership team to discuss Miro's company values and share your vision for success at Miro.