Governance, Risk, and Compliance Analyst
Samsara
Who we are
Samsara (NYSE: IOT) is the pioneer of the Connected Operations™ Cloud, which is a platform that enables organizations that depend on physical operations to harness Internet of Things (IoT) data to develop actionable insights and improve their operations. At Samsara, we are helping improve the safety, efficiency and sustainability of the physical operations that power our global economy. Representing more than 40% of global GDP, these industries are the infrastructure of our planet, including agriculture, construction, field services, transportation, and manufacturing — and we are excited to help digitally transform their operations at scale.
Working at Samsara means you’ll help define the future of physical operations and be on a team that’s shaping an exciting array of product solutions, including Video-Based Safety, Vehicle Telematics, Apps and Driver Workflows, and Equipment Monitoring. As part of a recently public company, you’ll have the autonomy and support to make an impact as we build for the long term.
About the role
The Governance, Risk, and Compliance Analyst is responsible for ensuring appropriate security controls and compliance requirements are implemented across Samsara’s systems. You will collaborate with a global team to drive third-party vendor reviews and monitoring, security audits, such as SOC 2, ISO, and GovRAMP, and manage key efforts around enhancing and measuring Samsara’s security posture.
You take Security seriously and strive to build low friction solutions developed in close partnership with others. On a typical day, you might meet with Samsara’s legal or procurement team to discuss an ongoing review of a vendor, collaborate with teams in engineering to collect evidence for an upcoming audit report, or work to create new classifications of data access permissions for various employee categories in the company.
This role is open to candidates residing in the US except Alaska, Austin Metro, Boulder Metro, California, Chicago Metro, Connecticut, Dallas Metro, Denver Metro, Houston Metro, Maryland, Massachusetts, New Jersey, New York, Rhode Island, Seattle Metro, and Washington, D.C.
You should apply if:
- You want to impact the industries that run our world: Your efforts will result in real-world impact – helping to keep the lights on, get food into grocery stores, reduce emissions, and most importantly, ensure workers return home safely.
- You are the architect of your own career: If you put in the work, this role won’t be your last at Samsara. We set up our employees for success and have built a culture that encourages rapid career development, countless opportunities to experiment and master your craft in a hyper growth environment.
- You’re energized by our opportunity: The vision we have to digitize large sectors of the global economy requires your full focus and best efforts to bring forth creative, ambitious ideas for our customers.
- You want to be with the best: At Samsara, we win together, celebrate together and support each other. You will be surrounded by a high-calibre team that will encourage you to do your best.
In this role, you will:
- Communicate with senior management the current status of vendor and third-party risks
- Support security audit efforts around SOC 2, ISO 27001, FedRAMP, and other related compliance frameworks
- Champion, role model, and embed Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) as we scale globally and across new offices
- Drive automation and efficiency in the TPRM program through the use of third-parties, such as Zip and Vanta, and creating native solutions; ensuring security reviews and reassessments scale with company growth.
- Partner with Procurement, Legal, and Privacy to ensure vendor risks are identified, documented, and mitigated throughout the vendor lifecycle.
- Champion, role model, and embed Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) as we scale globally and across new offices
Minimum requirements for the role:
- 3+ years of experience in the governance, risk, and compliance space
- Experience implementing or maintaining vendor-risk programs
- Experience performing security and maturity assessments
- Supporting the creation or maintenance of risk registers, compliance inventories, and control mappings across internal and external systems
- Ability to work with systems teams to collaboratively implement security controls across a diverse range of systems, such as Okta, Netsuite, Salesforce, and internal tooling
- Professional experience coordinating and interacting with external auditors, internal engineering teams, business stakeholders, senior leadership, and security operations teams on procurement activities, audit controls and compliance requirements
- Experience conducting vendor risk assessments, including reviewing security certifications, penetration tests, and policies.
- Strong understanding of vendor integration risks and permission scoping across SaaS platforms (eg. Slack, Google Workspace, and Salesforce)
- Ability to translate complex technical findings and requirements into clear business risks and requirements to non technical stakeholders.
An ideal candidate also has:
- Experience working with NIST Cybersecurity Framework profiles, SOC 2, ISO 27001, or similar frameworks
- Experience working within common GRC and procurement platforms such as Zip and Vanta.
- Experience managing high volumes of vendor requests and competing priorities.
- Prior assessment experience in the Software-as-a-Service industry
Samsara’s Compensation Philosophy: Samsara’s compensation program is designed to deliver Total Direct Compensation (based on role, level, and geography) that is at or above market. We do this through our base salary + bonus/variable + restricted stock unit awards (RSUs) for eligible roles. For eligible roles, a new hire RSU award may be awarded at the time of hire, and additional RSU refresh grants may be awarded annually.
We pay for performance, and top performers in eligible roles may receive above-market equity refresh awards which allow employees to achieve higher market.
At Samsara, we welcome everyone regardless of their background. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, gender, gender identity, sexual orientation, protected veteran status, disability, age, and other characteristics protected by law. We depend on the unique approaches of our team members to help us solve complex problems and want to ensure that Samsara is a place where people from all backgrounds can make an impact.
Benefits
Full time employees receive a competitive total compensation package along with employee-led remote and flexible working, health benefits, and much, much more. Take a look at our Benefits site to learn more.
Accommodations
Samsara is an inclusive work environment, and we are committed to ensuring equal opportunity in employment for qualified persons with disabilities. Please email accessibleinterviewing@samsara.com or click here if you require any reasonable accommodations throughout the recruiting process.
Flexible Working
At Samsara, we embrace a flexible working model that caters to the diverse needs of our teams. Our offices are open for those who prefer to work in-person and we also support remote work where it aligns with our operational requirements. For certain positions, being close to one of our offices or within a specific geographic area is important to facilitate collaboration, access to resources, or alignment with our service regions. In these cases, the job description will clearly indicate any working location requirements. Our goal is to ensure that all members of our team can contribute effectively, whether they are working on-site, in a hybrid model, or fully remotely. All offers of employment are contingent upon an individual’s ability to secure and maintain the legal right to work at the company and in the specified work location, if applicable.
Fraudulent Employment Offers
Samsara is aware of scams involving fake job interviews and offers. Please know we do not charge fees to applicants at any stage of the hiring process. Official communication about your application will only come from emails ending in ‘@samsara.com’ or ‘@us-greenhouse-mail.io’. For more information regarding fraudulent employment offers, please visit our blog post here.