Senior Governance, Risk & Compliance Analyst

Confirmed live in the last 24 hours

Pure Storage

Compensation

$131,000 - $197,000/year

Lehi, Utah

On-site

Posted February 24, 2026

Job Description

We’re in an unbelievably exciting area of tech and are fundamentally reshaping the data storage industry. Here, you lead with innovative thinking, grow along with us, and join the smartest team in the industry.

This type of work—work that changes the world—is what the tech industry was founded on. So, if you're ready to seize the endless opportunities and leave your mark, come join us.

THE ROLE

As a Senior Governance, Risk & Compliance (GRC) Analyst, you will transform complex security and compliance requirements into streamlined processes that safeguard our customers and accelerate global growth. You’ll serve as a strategic bridge between technical teams and business functions—including Legal, Privacy, and Product—ensuring risks are visible and decisions are data-driven. By joining the Global Information Security Office, you’ll directly influence our risk posture and operational resilience in a high-scale, SaaS-driven environment.

WHAT YOU’LL DO

Drive Governance and Compliance Metrics and Visibility: Architect and maintain GRC dashboards to provide leadership with actionable insights, ensuring all key governance and compliance metrics are documented and actively managed.
Advance GRC Strategy & Automation: Collaborate with the Director of GRC to lead strategic GRC projects, drive process automation, and evaluate emerging technologies like AI to enhance GRC function efficiency and effectiveness.
Standardize Global Compliance: Manage the evolution of our Common Controls Framework (SOC 2, ISO, NIST) by mapping requirements to business processes, ensuring we meet regional and regulatory obligations while maintaining customer trust.
Manage Security Awareness & Training: Track and report on annual security training completion, partnering with stakeholders to ensure high adoption and enhance the global security awareness program.
Streamline Security Exception Workflows: Own the end-to-end security exception lifecycle within Jira, validating requests and supporting risk assessments to balance business velocity with necessary security guardrails.
Develop and Manage GRC Repositories: Consolidate and mature the Governance, Risk, and Compliance (GRC) program documentation into a repository. This central repository will house the GRC charter, links to policy library, risk framework, and compliance mappings (e.g., SOC 2, GDPR), serving leadership, control owners, employees, and auditors.

WHAT YOU BRING

Risk & Framework Proficiency: Deep understanding of mapping business processes to frameworks like SOC 2, ISO 27001, or NIST, with the ability to translate technical security gaps into clear bus

gorustawsaidataproduct