Governance, Risk & Compliance Analyst

Who are we?

Smarsh empowers its customers to manage risk and unleash intelligence in their digital communications.

Our growing community of over 6500 organizations in regulated industries counts on Smarsh every day to help them spot compliance, legal or reputational risks in 80+ communication channels before those risks become regulatory fines or headlines.

Relentless innovation has fueled our journey to consistent leadership recognition from analysts like Gartner and Forrester, and our sustained, aggressive growth has landed Smarsh in the annual Inc.

5000 list of fastest-growing American companies since 2008.

Smarsh is committed to embedding security as a business enabler.

The Governance, Risk & Compliance (GRC) team ensures our security practices meet the expectations of regulators, auditors, and customers.

As a GRC Analyst based in Bangalore, you’ll play a key role in supporting the day-to-day operations of the global GRC program.

You’ll help triage and manage incoming GRC requests, coordinate vendor security reviews, support client assurance activities, and maintain records in GRC systems.

This role is ideal for someone early in their GRC career who thrives on structure, enjoys process-driven work, and takes pride in keeping tasks flowing efficiently across global teams.

Core Responsibilities

GRC Queue Management & Triage

Monitor and manage the GRC team’s shared queue, triaging inbound requests from internal stakeholders and customers.

Prioritize and assign tasks related to audits, DDQs, risk assessments, and vendor reviews.

Maintain accurate tracking and reporting of GRC requests and responses using Jira Service Desk.

Vendor & Third-Party Risk Reviews

Conduct initial vendor security assessments using Smarsh templates and questionnaires.

Review supplier documentation (SOC 2 reports, ISO certificates, penetration test summaries, etc.).

Escalate higher-risk findings to senior GRC team members and ensure closure tracking.

Maintain the vendor risk register and ensure documentation is current.

Client Assurance Support

Assist in responding to client security questionnaires and due-diligence requests.

Manage document requests via trust portals or NDAs (e.g., SOC 2, ISO 27001, policies).

Coordinate with Legal and Sales to ensure consistent and timely client responses.

GRC Documentation & Evidence Management

Maintain GRC repositories and ensure evidence is correctly filed and version-controlled.

Support audit preparation through document collection and formatting.

Help maintain trackers for control testing, risk remediation, and policy acknowledgements.

Operational Reporting & Tooling

Update GRC dashboards and metrics under guidance from senior analysts.

Support the configuration and upkeep of GRC tools and Jira workflows.

Identify opportunities for automation or process improvement.

Essential Experience

2+ years’ experience in information security, compliance, or IT risk.

Familiarity with frameworks such as ISO 27001, SOC 2, NIST CSF.

Experience with vendor risk or client assurance activities.

Strong process skills with the ability to follow and improve workflows.

Excellent written communication and attention to detail.

Comfortable working with distributed global teams.

Desirable

Prior experience with Jira and Jira Service Desk is highly desirable.

Exposure to GRC or audit tools (e.g., Hyperproof, Drata, Vanta, Archer).

Experience working in a SaaS or regulated environment.

Certifications such as ISO 27001 Internal Auditor, CISA, or equivalent.

Success in this Role Looks Like

GRC queues are triaged and processed efficiently.

Vendor reviews are completed accurately and on time.

Client assurance requests are handled consistently and professionally.

GRC documentation and evidence are always audit-ready.

Full-Time

About our culture Smarsh hires lifelong learners with a passion for innovating with purpose, humility and humor. Collaboration is at the heart of everything we do. We work closely with the most popular communications platforms and the world’s leading cloud infrastructure platforms. We use the latest in AI/ML technology to help our customers break new ground at scale. We are a global organization that values diversity, and we believe that providing opportunities for everyone to be their authentic self is key to our success. Smarsh leadership, culture, and commitment to developing our people have all garnered Comparably.com Best Places to Work Awards. Come join us and find out what the best work of your career looks like.