Join Gopuff as the Information Technology Governance, Risk, and Compliance Analyst, where you will be responsible for managing, supporting, and optimizing the IT regulatory and compliance programs and corporate business continuity plans. The IT GRC Analyst will assist with audits and assessments of risk & design, help team members with process improvements, review policy communications and training, integrate technology risk management processes, and ensure business continuity plans are current. The IT GRC Analyst will be an integral part of the GRC Team at Gopuff, and will report to the GRC Senior Manager.

Primary Responsibilities and Activities

Maintain, conduct audits, and assess information technology (IT) security and compliance policies and standards.
Assist team members, and external audit firms, contractors, and vendors to execute on GRC plans initiatives.
Review metrics and reporting to demonstrate technology policy/standards/guidance adoption, implementation, and adherence.

Additional Essential Functions

Follow IT-focused Sarbanes Oxley (SOX) audit plans for Gopuff to ensure the SOX process is successful.
Assist with Payment Card Industry (PCI), Data, Privacy, and Protection legislation and associated programs and projects.
Assist with IT audits and compliance assessments.
Support IT GRC team compliance strategy and planning for Gopuff.
Ensure all existing and developed policies internal audit, SOX, PCI, HIPAA are in compliance with requirements and standards.
Research, and draft policies, standards, and/or procedures; work with all Gopuff InfoSec teams to synergize deliverables across all departments.
Assist coordination of IT General Controls (ITGC) and compliance testing activities and communications with the internal and external auditors and assessors; educate and advise members of business and IT on compliance testing; provide recommendations and guidance on implementation and enhancement of IT controls.
Assist with biannual user certification process.
Assist with and help conduct the annual Information Security Risk Assessment while implementing improvements to the current process.
Assist with yearly PCI assessment; build annual work remediation plan and review and update policies to ensure corresponding procedures are in alignment.
Perform additional assignments and activities as necessary.

Basic Qualifications

Bachelor’s degree and two (2) years of demonstrated experience or interest in IT Governance, Risk and Compliance;
CISA certification preferred, but not required.

Benefits

We want to help our employees stay safe and healthy! We offer comprehensive medical, dental, and vision insurance, optional FSAs and HSA plans, 401k, commuter benefits, supplemental employee, spouse and child life insurance to all eligible employees.

We also offer:

-Gopuff employee discount
-Career growth opportunities
-Internal rewards programs
-Annual performance appraisal and bonus

At Gopuff, we know that life can be unpredictable. Sometimes you forget the milk at the store, run out of pet food for Fido, or just really need ice cream at 11 pm. We get it—stuff happens. But that’s where we come in, delivering all your wants and needs in just minutes.

And now, we’re assembling a team of motivated people to help us drive forward that vision to bring a new age of convenience and predictability to an unpredictable world.

Like what you’re hearing? Then join us on Team Blue.

Gopuff is an equal employment opportunity employer, committed to an inclusive workplace where we do not discriminate on the basis of race, sex, gender, national origin, religion, sexual orientation, gender identity, marital or familial status, age, ancestry, disability, genetic information, or any other characteristic protected by applicable laws. We believe in diversity and encourage any qualified individual to apply.