Security Risk and Compliance Analyst

This is a strong fit for ITSG readers interested in GRC, compliance engineering, and practical security controls work supporting a SaaS environment. What you would work on: - Maintain and improve Asana's control framework across SOC 2, ISO 27001, FedRAMP Moderate, and related standards. - Partner with Engineering, IT, People, Security Engineering, Legal, Privacy, and R&D on controls maturity and remediation. - Run audit cycles, support policy governance, and keep evidence pipelines reliable. - Contribute to automation that makes the compliance program more scalable and repeatable. Good fit if: - You have early-career GRC, security risk, compliance, or audit experience. - You want to grow technical skills at the intersection of compliance operations and compliance engineering. - You are comfortable documenting progress and building working relationships with control owners. Curated from Asana Greenhouse for IT Support Group readers. This is an external listing; use the apply link for the source listing and latest details.