Security GRC Associate Analyst at LastPass

LastPass is seeking a Security GRC Associate Analyst to support its Governance, Risk, and Compliance (GRC) program. The ideal candidate will be a proactive and collaborative achiever who will play a pivotal role in the delivery of GRC program activities. This role involves working cross-functionally to support information security risk and compliance efforts across product and enterprise functions, contributing to a customer-centric approach where security and compliance are embedded into business objectives and security strategies.

The GRC Team enhances LastPass' operational resilience and stakeholder trust by aligning security, compliance, and business objectives. The candidate will collaborate with various stakeholders across Engineering, Safety & Trust, Human Resources, Legal, and Security teams across multiple regions like Hungary, Portugal, Canada, and the United States.

Role Involves:

• Providing guidance on information security program objectives and risk management strategies.
• Assessing and communicating requirements for compliance with security standards like ISO 27001 and SOC 2.
• Monitoring and responding to support requests in the GRC team intake queue.
• Conducting security risk assessments, including third-party assessments.
• Responding to information security inquiries and questionnaires from customers and partners.
• Performing control assurance activities to support continuous control reporting and monitoring.
• Assisting in the preparation and execution of internal and external audits.
• Contributing to the ongoing operation and improvement of the security program.

Requirements:

• 2+ years of experience in GRC or security-related roles.
• Knowledge of security and privacy standards like NIST 800-53, FedRAMP/StateRAMP, CMMC, ISO 27001, SOC 2, and SOX ITGC.
• Ability to integrate security and privacy controls into business processes.
• Excellent communication skills.
• Strong initiative, planning, and organizational skills.
• Ability to communicate complex cybersecurity concepts to diverse audiences.
• A growth-oriented mindset.

LastPass Offers:

• Market-leading password manager
• High-growth, collaborative environment with inclusive teams
• Remote-first culture
• Competitive compensation
• Flexible Paid Time Off policies, including but not limited to: Quarterly Self-Care Days (4 extra paid days off annually) and Volunteer Days
• Generous parental leave
• Comprehensive health coverage, including dependents
• Home office setup support
• LastPass Families free account for up to 5 members
• Continuous learning and development opportunities, including an annual learning stipend to invest in your growth
• Peer-to-peer recognition through Motivosity
• Employee Assistance Program for well-being support
• Remote work stipend to support your home office needs
• Short-Term or Remote-Centric Work Arrangements for added flexibility