Governance, Risk, and Compliance Analyst

At Bluebeam, we empower people to advance the way the world is built. We create smart software solutions that make construction sites more efficient, connected, and safe and improve the lives of design and construction professionals everywhere. 

The Governance, Risk, and Compliance (GRC) Analyst supports Bluebeam teams in implementing and maintaining Information Security Governance, Risk Management, and Compliance initiatives with an emphasis on managing the process of completing external security questionnaires for Bluebeam and its customers.

This includes maintenance and optimization of its systems for answering such questionnaires. In addition, the GRC analyst will support internal risk assessments, assist in audit and regulatory compliance projects, contribute to policy drafting/finalization, support security awareness initiatives, and support other GRC and Information Security projects as assigned in cooperation with the various relevant functions. 

About the Role 

• Manage the customer security questionnaire process, including responding to customer security questionnaires and requests within organizational SLAs
• Support internal and external audits
• Support the documentation and maintenance of internal controls and associated evidence
• Support and/or lead security awareness efforts
• Manage security reviews of vendors and other third parties during procurement and annual reviews
• Review, maintain, and update information security policies, procedures, standards, and other information security-related documentation
• Collaborate across the organization on documenting, implementing, monitoring, and managing Information Security controls
• Collect, consolidate, and update the Information Security Team on regulatory developments and control gaps
• Support business projects and perform other duties as assigned

About You

• Full-time work experience in IT Audit or IT Risk Management
• Experience in leading security assessments, Loopio experience a plus
• Working knowledge of common IT technologies and processes
• Basic understanding of technical aspects of information security
• Experience with Security compliance frameworks such as SOC 2, ISO27001, NIST, etc.
• Understanding of risk management principles and methodologies
• Strong communication skills including the ability to present technical subjects to non-technical audiences including Bluebeam’s customers

Bonus Points for

• Experience with application security, SaaS, or cloud security is a plus
• CISA, ISO Lead Auditor or similar risk management, audit or security certification

What we offer

• People-focused, entrepreneurial culture with the backing of a stable, global, corporate entity – Nemetschek 
• Competitive compensation and benefits package 
• Work-life balance fostered through a culture of diversity, inclusion, and appreciation of individual lifestyle needs 
• Opportunity for continuous professional development through things like Pluralsight, conferences, and certification programs 

About Bluebeam

The construction industry is adopting new technology at a feverish pace. Tablets and cell phones are replacing paper blueprints, drones are surveying jobsites in 3D, and cloud collaboration is changing the way teams work together. Bluebeam plays a crucial role in this transformation. The key to our success is a customer-focused approach to product development: we work with the industry to create solutions for the industry. Today, over 3 million people throughout the world use Bluebeam. In the US, we’re a critical partner for the majority of top AEC firms, and rapidly expanding our presence globally, with offices in Sweden, Germany and the UK. 

Come design and build your future with us! 

Bluebeam is proud to be an equal-opportunity workplace. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or veteran status.

The base pay offered will depend upon qualifications and other operational considerations. Base pay is one part of Bluebeam’s Total Rewards program, which seeks to compensate and recognize employees for their work. Most sales positions are eligible for commission under the terms of an applicable commission plan, while most non-sales positions are eligible for a bonus under the terms of an applicable bonus plan. Additionally, Bluebeam provides best-in-class benefits, with 100% employee-covered health and welfare benefits and paid time off.  Bluebeam is a growing company with many opportunities. If this role and/or pay range is not an exact fit, we still encourage you to apply.

The base pay range for this position is: $ 74,900 - $93,600

#Bluebeam #LI-SR