Job Hunting U
Post a job

Senior Staff Analyst – GRC

About the role:

Mozilla is seeking a Senior Staff Analyst, Governance, Risk, and Compliance (GRC) to join our Information Security team! As a Senior Staff Analyst, GRC, you will play a crucial role in enhancing and maturing Mozilla’s information security, privacy, and compliance programs. You will be responsible for developing, implementing, and maintaining robust GRC frameworks, conducting risk assessments, ensuring regulatory compliance, and fostering a culture of security throughout the organization.

What you’ll do:

  • Develop, implement, and maintain GRC frameworks, policies, standards, and procedures to ensure compliance with relevant laws, regulations, and industry best practices (e.g., GDPR, CCPA, ISO 27001, NIST).
  • Conduct risk assessments, identify potential threats and vulnerabilities, and recommend appropriate controls to mitigate risks to Mozilla’s information assets.
  • Collaborate with legal, privacy, engineering, and other teams to integrate security and privacy by design principles into new and existing products and services.
  • Monitor and track compliance with internal policies and external regulations, including performing regular audits and assessments.
  • Manage and respond to security and privacy incidents, ensuring timely resolution and post-incident analysis.
  • Provide expert advice and guidance on GRC matters to various stakeholders across the organization.
  • Stay informed about emerging GRC trends, technologies, and regulatory changes, and proactively adapt Mozilla’s programs accordingly.
  • Develop and deliver training and awareness programs to promote a culture of security and compliance within Mozilla.
  • Drive continuous improvement initiatives for GRC processes and tools, leveraging automation where possible.
  • Support external audits and certifications related to information security and privacy.

What you bring:

  • 8+ years of experience in Information Security GRC, with a strong focus on risk management, compliance, and privacy.
  • In-depth knowledge of information security frameworks (e.g., ISO 27001, NIST CSF) and privacy regulations (e.g., GDPR, CCPA, LGPD).
  • Proven experience in developing and implementing GRC programs, policies, and procedures.
  • Strong analytical and problem-solving skills, with the ability to identify and assess risks, and recommend effective controls.
  • Excellent communication, interpersonal, and presentation skills, with the ability to articulate complex GRC concepts to both technical and non-technical audiences.
  • Ability to work independently and collaboratively in a fast-paced, dynamic environment.
  • Relevant certifications such as CISM, CIPP/E, CRISC, or CISSP are highly desirable.
  • Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.

Bonus points for:

  • Experience with GRC tools and platforms (e.g., Archer, ServiceNow GRC, OneTrust).
  • Familiarity with cloud security controls and compliance requirements (e.g., AWS, Azure, GCP).
  • Experience working in an open-source or highly distributed remote environment.
Job Category: Information Technology
Job Type: Remote
Job Location: USA
Salary: C$203.85k-C$349.65k annual
Organization: Job Hunting U

Apply for this position

Allowed Type(s): .pdf, .doc, .docx

Looking for a career change? Browse our job listings now!

Ready to transform your career and unlock new opportunities? Browse our extensive job listings now and discover your dream role in a field that ignites your passion and fuels your growth!
Apply Now
Job Hunting U
Unlock your potential with expert tools and resources to land your dream job. Join our community for insights, guidance, and support on every step of your career journey.
Facebook-f Linkedin Instagram X-twitter Icomoon_brands-tiktok

Company

Newsletter

Get exclusive deals by signing up to our Newsletter.
Copyright © 2026 JobHuntingU, All rights reserved. Powered by ChatGPT & Gemini.