GRC Analyst

Engineering, Berlin, DE

About the Team

At Miro, the Security Stream is dedicated to fostering business growth and enduring customer trust by implementing advanced security measures. They develop balanced security strategies, providing assurance and empowering engineering teams with the necessary tools and guidance. This support covers secure cloud management, establishing secure development practices, and effectively detecting and mitigating security incidents.
A key part of this is the Trust & Information Security Team, which concentrates on maintaining the highest information security standards to safeguard the data and privacy of Miro's customers, employees, and stakeholders. This team manages business risks, ensures adherence to legal and regulatory requirements, and promotes a culture of security awareness. Additionally, they act as trusted compliance advisors to the Go-To-Market (GTM) teams, helping to enable and speed up strategic sales initiatives.

About the Role

We are seeking a highly knowledgeable and customer-centric Compliance Customer Success Manager (CSM) to serve as a primary resource for our customers navigating the complexities of cybersecurity and AI governance frameworks. This role is pivotal in ensuring our customers receive accurate, clear, and timely answers to their questions regarding NIST (CSF, 800-53, etc.), SOC2 (Type 1 & 2), ISO 27001, and the emerging ISO 42001 standard. The ideal candidate possesses deep subject matter expertise in these frameworks combined with exceptional communication skills to act as a trusted advisor. You will be instrumental in building customer confidence, fostering strong relationships, and ensuring customers feel supported in their compliance journey.
 

What you’ll do

  • Compliance Subject Matter Expert: Serve as the go-to expert for customer inquiries related to the interpretation, requirements, and best practices of NIST, SOC2, ISO 27001, and ISO 42001 frameworks
  • Query Resolution: Directly address and resolve customer questions regarding these compliance standards, ensuring accuracy and clarity in all communications (email, calls, support tickets)
  • Contextual Understanding: Understand the customer's business context and how their compliance questions relate to their use of our products/services or their broader GRC strategy
  • Information Dissemination: Clearly articulate complex compliance concepts to both technical and non-technical customer stakeholders
  • Relationship Building: Build trust and rapport with customers through reliable and expert handling of their compliance inquiries
  • Internal Collaboration: Work closely with Support, Product, and Sales teams to ensure consistent and accurate messaging regarding compliance topics. Provide internal training or resources as needed
  • Knowledge Management: Document common compliance questions and answers, contributing to internal knowledge bases and potentially customer-facing FAQs or documentation
  • Stay Current: Continuously monitor changes and updates to relevant compliance frameworks and industry best practices
  • Customer Advocacy: Relay customer feedback and frequently asked questions related to compliance back to internal teams to inform product development and service improvements
  • Support Customer Success Goals: Contribute to overall customer retention and satisfaction by providing exceptional compliance-focused support

What you’ll need

  • Proven experience (typically 3-5+ years) in a GRC, cybersecurity consulting, internal audit, compliance management, or technical support role with a strong focus on specific frameworks
  • Deep, demonstrable understanding and practical knowledge of NIST frameworks (e.g., Cybersecurity Framework, NIST SP 800-53). Must be able to explain core concepts and requirements accurately
  • Deep, demonstrable understanding and practical knowledge of SOC2 (Trust Services Criteria - Security, Availability, Confidentiality, Processing Integrity, Privacy). Must be able to explain criteria and audit concepts accurately
  • Deep, demonstrable understanding and practical knowledge of ISO 27001 (Information Security Management Systems). Must be able to explain the ISMS structure, risk assessment process, and Annex A controls accurately
  • Strong familiarity and understanding of ISO 42001 (Artificial Intelligence Management Systems) and its core principles/requirements. Must be able to discuss its objectives and key components
  • Exceptional communication skills (written and verbal), with a proven ability to explain complex technical and compliance concepts clearly, accurately, and patiently
  • Excellent research and analytical skills; ability to find and verify accurate information regarding compliance standards
  • Strong customer service orientation and interpersonal skills
  • Ability to manage multiple inquiries simultaneously and prioritize effectively
  • Bachelor's degree in Information Technology, Cybersecurity, Law, or a related field, OR equivalent practical experience demonstrating deep compliance expertise.

What's in it for you

  • Competitive equity package
  • Corporate pension plan
  • Lunch, snacks and drinks provided in the office
  • Wellbeing benefit and WFH equipment allowance
  • Annual learning and development allowance to grow your skills and career
  • Travel allowance for your commute
  • Opportunity to work for a globally diverse team

About Miro

Miro is a visual workspace for innovation that enables distributed teams of any size to build the next big thing. The platform's infinite canvas enables teams to lead engaging workshops and meetings, design products, brainstorm ideas, and more. Miro, co-headquartered in San Francisco and Amsterdam, serves more than 90M users worldwide, including 99% of the Fortune 100. Miro was founded in 2011 and currently has more than 1,600 employees in 12 hubs around the world.

We are a team of dreamers. We look for individuals who dream big, work hard, and above all stay humble. Collaboration is at the heart of what we do and through our work together we hope to create a supportive, welcoming, and innovative environment. We strive to play as a team to win the world and create a better version of ourselves every day. If this sounds like something that excites you, we want to hear from you!

Check out more about life at Miro: 

At Miro, we strive to create and foster an environment of belonging and collaboration across cultural differences. Miro’s mission — Empower teams to create the next big thing — is how we think about our product, people, and culture. We believe that creating big things requires diverse and inclusive teams. Diversity invites all talent with different demography, identities and styles to step in, and inclusion invites them to step closer together. Every day, we are working to build a more diverse Miro, cultivate a sense of belonging for future and current Mironeers around the world, and foster an environment where everyone can collaborate and embrace differences.

Miro handles and uses personal data of job applicants in line with its Recruitment Privacy Policy found here

Apply for GRC Analyst

Valid email format: example@domain.com
Valid phone number format: +31636363634

Resume/CV *

Attach
File types: pdf, doc, docx, txt, rtf
File size: max 2MB

Cover Letter

Attach
File types: pdf, doc, docx, txt, rtf
File size: max 2MB

Will you now or in the future require visa sponsorship for employment with Miro? *

Global Demographic Questionnaire

At Miro, we're committed to building a diverse and inclusive workplace where everyone can thrive. Your unique perspectives empower us to innovate and drive positive change.

While we're eager to learn more about the rich diversity of our candidates, your privacy is paramount. Participation in this questionnaire is completely optional, and any information you provide will be de-identified and analyzed in aggregate form, ensuring it cannot be used to identify you personally.

The insights gained will directly contribute to our broader inclusion strategy, helping us to identify opportunities for enhancing representation and fostering an environment where all talent can succeed. Rest assured, your responses will not influence your application and will be kept strictly confidential.

By choosing to share your demographic information, you're helping us move towards a more inclusive future. If you consent to participate:

When were you born? *

Which of the following best describes your gender identity? *

Do you identify as a member of the LGBTQ+ community? *

Please note, if you continue in the interview process or are hired and wish to disclose any demographic information for which you would need to be accommodated, you will need to make this disclosure again separately, as the information provided here will not be linked to your identity.

Prepare yourself to go beyond

Here are some helpful tips to ensure you have all the correct information throughout our hiring process.

How we hire

  • 01. Recruiter Screen

    A 30-min interview to discuss your relevant skills, perspective on resilience, experience, and what motivates you to join Miro.

  • 02. Hiring Manager

    The hiring manager will meet to discuss your experience and fit for the role by assessing whether you align with the Miro Mindset (Curiosity, Drive, Resilience, Empathy, Cognitive Agility & Accountability). This interview usually takes 90-120 minutes.

  • 03. Skill Assesment

    An interactive presentation to see your skills in action, based around a particular case study or business problem.

  • 04. Meet the Team

    Here you will meet cross-functional stakeholders, and we will ask evidence-based questions to evaluate how well you align with the role and Miro's values and culture.

  • 05. Leadership Round

    Meet a member of the leadership team to discuss Miro’s company values and share your vision for success at Miro. 

Ready to go beyond?