Customer Trust & GRC Specialist

Remote: Full Remote
Contract: 
Work from: United States

Offer summary

Qualifications:

  • Bachelor's degree in Information Security, Risk Management, or Business Administration.
  • 3-5 years of experience in GRC or related roles, preferably in regulated industries.
  • Knowledge of regulatory standards like PCI DSS, ISO 27001, NIST.
  • Certifications such as CISA, CISSP, or CRISC are a plus.

Key responsibilities:

  • Respond to customer security questionnaires, RFPs, and due diligence requests.
  • Coordinate with internal teams to gather and validate security responses.
  • Develop templates and improve processes for security assessments.
  • Conduct risk assessments and support compliance efforts across the organization.

Cyera Computer Hardware & Networking Scaleup https://www.cyera.io/
51 - 200 Employees

Job description

Description

WHO WE ARE

Come join the company reinventing data security, empowering businesses to realize the full potential of their data. As the leading data security platform purpose-built for the cloud era, Cyera’s mission is to reinvent how businesses secure data, enable agile collaboration, and boldly pursue new business opportunities. Trusted by security teams at leading global businesses, our team is proving that data security is the next big thing in cyber. Backed by the world’s leading investors and working with a large and growing list of Fortune 1000 companies, we are looking for world-class talent to join us as we usher in the new era of data security.


THE OPPORTUNITY

We are seeking a highly skilled and detail-oriented Customer Trust & GRC Specialist to join our team. In this role, you will take the lead on responding to customer security questionnaires, RFPs, and due diligence requests, working closely with internal teams to clearly communicate our security posture. You will also support broader governance, risk, and compliance efforts across the organization, helping to ensure alignment with regulatory frameworks and internal policies.

This Customer Trust & GRC Specialist role offers an exciting opportunity to contribute to our organization’s success by supporting customer trust, maintaining regulatory compliance, and strengthening our overall risk posture. If you are passionate about both GRC and customer-facing security work, we encourage you to apply and be part of our dynamic team.


RESPONSIBILITIES:

  • Manage and complete security sections of RFPs, RFIs, due diligence questionnaires, and customer security/compliance assessments.
  • Coordinate with internal stakeholders across Security, Legal, IT, Engineering, and Compliance to gather and validate responses.
  • Develop and refine templates, standard answers, and process improvements for RFPs and questionnaires.
  • Assist with responding to ad hoc customer security inquiries and requests.
  • Conduct risk assessments to identify potential threats and vulnerabilities to the organization's assets, systems, and data.
  • Develop and implement governance frameworks, policies, and procedures to ensure compliance with industry regulations and standards (e.g., GDPR, HIPAA, SOX). 
  • Monitor and analyze changes in regulatory requirements and communicate updates to relevant stakeholders. 
  • Collaborate with internal teams to assess the impact of new projects, initiatives, or business processes on risk and compliance. 
  • Perform regular audits and assessments to evaluate the effectiveness of existing controls and identify areas for improvement. 
  • Create and maintain documentation related to governance, risk, and compliance activities, including risk registers, control matrices, and compliance reports.
  • Provide guidance and training to employees on compliance-related matters and best practices. 
  • Coordinate and support external audits and regulatory inspections as needed.
  • Stay informed about emerging trends, technologies, and regulations in the GRC space and make recommendations for continuous improvement. 
  • Provide responses to security and compliance questionnaires; where answers are unknown, work cross-functionally with teams to develop responses.
  • Develop collateral showing how the Cyera Platform supports compliance regulations via the controls it provides (e.g., PCI, CCM, ISO, GDPR, CloudAct, CalPrivacy, FedRAMP).

Requirements

REQUIRED QUALIFICATIONS:

  • Bachelor's degree in a relevant field such as Information Security, Risk Management, or Business Administration. Relevant experience may be considered in lieu of formal education. A Master's degree or relevant industry certifications (e.g., CISA, CISSP, CRISC) are a plus.
  • 3-5 years of proven experience working in a GRC or similar role, preferably in a regulated industry such as technology, finance, or healthcare.
  • Strong knowledge of regulatory requirements and standards, such as PCI DSS, ISO 27001, NIST Cybersecurity Framework, etc. 
  • Proficiency in risk assessment methodologies, compliance frameworks, and control frameworks. 
  • Excellent analytical and technical skills with the ability to identify, assess, and prioritize risks effectively. 
  • Strong communication and interpersonal skills with the ability to collaborate with cross-functional teams and communicate complex concepts clearly.
  • Ability to work independently, manage multiple tasks simultaneously, and meet deadlines in a fast-paced environment. 



COMPENSATION INFORMATION: 

In addition to a standard benefits and equity package, we offer a generous salary. Final compensation will vary based on seniority and relevance of experience, location, and position requirements.

This role may be eligible for potential merit increases based on factors such as individual or company performance, time in role, and other discretionary factors.


BENEFITS - Why Cyera? 

  • Ability to work remotely, with office setup reimbursement
  • Unlimited PTO
  • Paid holidays and sick time
  • Health, vision, and dental insurance
  • Life, short and long-term disability insurance

Required profile

Experience

Industry: Computer Hardware & Networking
Spoken language(s): English

Other Skills

  • Technical Acumen
  • Communication
  • Analytical Skills
  • Social Skills
  • Time Management
  • Collaboration
  • Problem Solving
