Senior Governance, Risk & Compliance Analyst
EMEA – Security and Compliance /
At Digital Turbine, we make mobile advertising experiences more meaningful and rewarding for users, app publishers, and advertisers — intelligently connecting people in more ways, across more devices. We provide app publishers and advertisers with powerful ads and experiences that captivate consumers, fuel performance, and help telecoms and OEMs supercharge awareness, acquisition, and monetization. In a rapidly evolving industry, we are constantly innovating and creating better paths of discovery to connect consumers, publishers, and advertisers across the mobile ecosystem.
As a Senior Governance, Risk & Compliance Analyst you will support the Security team in reinforcing industry standard and maintaining strong compliance procedures. This will be an excellent opportunity for someone to strengthen their experience and skills in Governance, Risk and Compliance and work with a supportive team of industry experts. As the first GRC Analyst in our growing tech hub in Warsaw, you will have a significant impact on our growth in this region, in additional to contributing to our global teams. This is an exciting opportunity for an individual that is passionate about technology, has a solid background in infrastructure and is looking to join an ambitious team. This role will be based in Warsaw, Poland and will operate a hybrid working model.
About the Role:
- This role will also work directly with our internal engineering, security, and product teams on current and future capabilities that could affect the compliance of our products
- The role will be focused on evaluating technology controls, performing audit readiness, and acting as a compliance subject matter expert to the business, as needed
- Manage the development and maintenance of SOX end to end process flows; narratives; data flows and any other control documentation, as needed
- Manage the timely and high-quality execution of GRC landmarks
- Advise process & control owners with the preparation and on-going maintenance of controls and control documentation (e.g., policies, procedures, narratives, and matrices)
- Assist with and drive remediation of process and control deficiencies and gaps identified internally and externally
- Effectively communicate program execution status, key accomplishments, and risks to senior management both within Security and to our business partners
- 3rd Party Security Questionnaires
- Review third party security questionnaires for completeness and determine if additional follow-up is necessary and, if so, obtain the supplemental or clarifying information
- Coordinate and work independently with partner teams to obtain additional information as needed to reach conclusions on 3rd party security questionnaires
- Update master vendor data, including for third party entities and individuals; summarise content updates and corrections to systems
- Maintain centralized knowledge base for 3rd party questionnaires including adherence to industry frameworks such as Consensus Assessments Initiative Questionnaire (CAIQ)
- Lite and Standardized Information Gathering Questionnaire (SIG/SIG-Lite) as well as automate where applicable SOC 2 Assessment
- Managing the preparation and audit activities required to obtain and maintain SOC 2
- Type 2 attestation for Security pillar
- Track record in governance, risk and compliance and experience in implementing security controls following NIST 800-53
- Knowledge of NIST Risk Management Framework
- Knowledge and experience with SOC2, ISO 27001, and NIST frameworks
- Knowledge of, or experience working with, Cloud technologies/environments, including evaluating and implementing controls on Infrastructure as a Service (IaaS) environments
- Possess a “whatever it takes to get the job done” mentality (i.e., pick up the phone, stop by a desk, follow-up multiple times)
- Proven security experience in IT audit or advisory
- Ability to work efficiently with minimal oversight/direction
- Excellent written and verbal communication skills; ability to effectively communicate across all levels of the Company
- BA or BS in Computer Science or any related subject area
About Digital Turbine:
Digital Turbine (NASDAQ: APPS) powers superior mobile consumer experiences and results for the world’s leading telcos, advertisers and publishers. Our end-to-end platform uniquely simplifies the ability to supercharge awareness, acquisition and monetization — connecting our partners to more consumers, in more ways, across more devices.
The company is headquartered in Austin, Texas, with global offices in New York, Los Angeles, San Francisco, London, Berlin, Singapore, Tel Aviv, and other cities serving top agency, app developer, and advertising markets. Listed on Deloitte Technology Fast 500 for six consecutive years since 2015 and winner of Austin Chamber of Commerce’s Company Culture in 2020.
Digital Turbine is an equal opportunity employer committed to building a diverse and inclusive team. We welcome people of different backgrounds, experiences, abilities, and perspectives. We embed diversity in our mindset, products, and teams to empower an inclusive, equitable, and culturally fluent environment. Building this culture within our teams makes us better collaborators and partners, driving better outcomes.
To view our Global Recruitment Privacy Notice, please click here.