Senior Staff Analyst, GRC

Introduction to Mozilla

Mozilla Corporation is the non-profit-backed technology company that has shaped the internet for the better over the last 25 years. We make pioneering brands like Firefox, the privacy-minded web browser. Now, with more than 225 million people around the world using our products each month, we’re shaping the next 25 years of technology and helping to reclaim an internet built for people, not companies.

About the Team and Role

The role is part of the Security Function within the broader Mozilla Infrastructure team. The Security team supports Product, Enterprise and GRC functions across the organization aligned with the mission to build a safe & secure internet. This role is responsible for defining, developing and helping implement a Governance, Risk and Compliance framework for both Enterprise and Product verticals.

Responsibilities

• Governance: develop and maintain a comprehensive GRC strategy and roadmap aligned with business objectives. Lead the creation and enforcement of standards, policies, controls, audits, reporting across various enterprise and product verticals.
• Risk Management: develop and operationalize a risk assessment and management framework on a periodic basis to enable prioritization and remediation of critical issues. Define and deliver measurable scorecards and metrics to enable data driven decision making
• Compliance: ensure compliance with various regulatory standards and frameworks (ISO, NIST, SOC2, CCPA, GDPR, etc). Lead internal and external audit activities including tracking and resolving deficiencies and remediations.