Remote
Docker is seeking a Senior GRC Analyst to lead its risk management program, focusing on security assessments and third-party risk management. The role is remote, offering a collaborative environment within a globally distributed team dedicated to advancing developer tooling.
Job Summary
This role involves owning the buildout and operation of Docker's enterprise risk management program while leading its AI governance initiative.
The successful candidate will design and implement security risk assessments and third-party risk management, and maintain a unified control framework aligned with standards like ISO 42001.
Docker offers a remote-first culture with perks including a home office setup, technology stipend, and equity in a growing startup environment.
Matching Summary
Match Score: 85
Salary
Not specified; Equity included; Benefits: Medical, retirement, holidays vary by country
Skills & Requirements
Must-have
4 to 6 years GRC experience
Enterprise risk management program building
Third-party risk management expertise
ISO 27001, SOC 2, NIST 800-53 knowledge
AI governance concepts familiarity
Cloud environment risk assessment skills
Nice-to-have
CRISC, CISA, CISSP, or CCSK certifications
Experience with GRC platforms like OneTrust
Automation or scripting for risk workflows
Remote-first, fast-paced environment experience
Key Requirements
4 to 6 years Information Security GRC experience
Proven track record building enterprise risk programs
Working knowledge of ISO 27001, SOC 2, GDPR frameworks