GRC Analyst
Fivetran
Job Description
Position Title: GRC Analyst

About the Role

At Fivetran, we're on a mission to make access to data as simple and reliable as electricity. Our fully automated platform moves data from 700+ sources to any destination reliably and securely, powering the analytics, AI, and decision-making that drives modern businesses forward. This role will be part of the GRC team, responsible for ensuring the continuous integrity, confidentiality, and availability of customer data.
Our customers trust us with their most sensitive information, and maintaining that trust is a critical, core component of both our product and our business. We are seeking a motivated and detail-oriented GRC Analyst to join our Security team. This role is ideal for a control-focused audit professional with a solid understanding of IT systems and infrastructure.
Strong communication skills are essential, as is the ability to collaborate and influence across functions and levels of the organization. The position reports to the Director of GRC and will provide broad cross-functional exposure, working closely with teams across Security, Engineering, Operations, IT, and HR. This is a full-time position based in our Bangalore office.
We offer a hybrid work model that blends remote flexibility with in-person collaboration, with two days per week in office.

Technologies You'll Use

- GRC platform for organizing, tracking, and managing controls, testing activities, and audit evidence
- Cloud platforms, including AWS, Azure, and GCP, for understanding and evaluating cloud-hosted environments and associated controls
- Jira for ticket management, workflow tracking, and cross-functional collaboration
- GitHub for version control and collaboration on security documentation and policy management
- Google Workspace for day-to-day productivity, documentation, and internal communication

What You'll Do

- Conduct control walkthroughs, testing, and evaluation of IT general controls and application controls across a complex systems landscape, with coverage spanning ISO 27001, PCI-DSS, SOC 1, SOC 2, and other applicable frameworks
- Partner with cross-functional teams to design, implement, and continuously improve control processes and related documentation
- Support third-party vendor assessments, evaluating vendors against established security and privacy standards and requirements
- Develop, maintain, and update Information Security Policies and Standards in alignment with industry best practices and regulatory obligations
- Participate in IT SOX scoping, risk assessment, and control design activities, contributing to the organization's overall internal control environment
- Prepare and deliver clear, accurate internal status reports to communicate control findings, remediation progress, and program updates to relevant stakeholders

Skills We're Looking For

- Demonstrated experience in security audit, IT audit, and risk management, with a strong understanding of control frameworks and audit methodologies
- Working knowledge of industry compliance frameworks, including NIST, ISO 27001, SOC 1, SOC 2, and PCI-DSS
- Familiarity with cloud technologies and environments, including one or more of GCP, AWS, and Azure, with an understanding of cloud-specific security and control considerations
- Strong analytical and technical problem-solving skills, with the ability to assess complex control environments and draw well-supported conclusions
- Proven ability to work collaboratively across functions, taking initiative and contributing constructively to shared team objectives
- Effective at managing multiple concurrent workstreams, with strong organizational skills and the ability to prioritize in a fast-paced environment
- Excellent written, verbal, and interpersonal communication skills, with the ability to present complex information clearly to both technical and non-technical audiences

Bonus Skills

- Familiarity with FedRAMP compliance requirements and the associated authorization process and control framework
- Professional certifications in audit or information security, such as CISA, CISSP, AWS, or SANS GIAC designations, are strongly preferred
- Prior experience working at or directly with a Big 4 public accounting firm, with exposure to large-scale audit and advisory engagements
- Experience leveraging AI tools to build workflow automations and drive operational efficiencies within a GRC or security context

Perks and Benefits

- 100% employer-paid medical insurance
- Generous paid time-off policy (PTO), plus paid sick time, inclusive parental leave policy, holidays, and volunteer days off
- RSU stock grants
- Professional development and training opportunities
- Company virtual happy hours, free food, and fun team-building activities
- Monthly cell phone stipend
- Access to an innovative mental health support platform that offers personalized care and resources in areas such as therapy, coaching, and self-guided mindfulness exercises for all covered employees and their covered dependents.

Note: May vary by country and worker type.
Please reach out to your recruiter for more information.

Equal Opportunity Employer, including disability/protected veterans
Equal employment opportunity, including veterans and individuals with disabilities.