Senior Governance, Risk and Compliance Analyst

Udemy
$133,000-$166,000 USD
United States, Colorado, Denver
1860 Blake Street (Show on map)
Jun 11, 2025
Join Udemy. Help define the future of learning. Udemy is evolving from a course catalog into an AI-powered reskilling platform built to help people and teams grow. It's more personalized, more practical, and focused on real-world impact. Our mission is simple: to transform lives through learning. Your work helps people around the world build skills they can use, whether they're picking up something new or leveling up to stay ahead. Over 80 million learners and 17,000 businesses already learn with Udemy. If you're excited by change, energized by learning, and ready to have a real impact, you'll feel right at home. Learn more about us on our company page. Where we work Udemy is a global company headquartered in San Francisco, with additional U.S. offices in Denver and Austin, and international hubs in Australia, India, Ireland, Mexico, and Turkiye. *This is an in-office position, requiring three days a week in the office (Tuesday, Wednesday, Thursday) and flexibility on Mondays and Fridays. About your skills* Consulting: You see beyond the present problem and identify the fundamental 'why'. You are a creative thinker and co-design potential solutions with the stakeholders. Influencing: You develop relationships effectively up, down, and across the organization and are able to strategically use these relationships to help move work forward. You scope solutions to "get to yes" and are capable of pushing back on disagreement if they will not provide the outcome needed for the team or the business. Decision Making: You use critical thinking to follow a defined decision making process and consider multiple perspectives. Upon making a decision, you are clear in your communication and ensure everyone is aligned in execution. Coaching: You have strong coaching skills allowing you to actively listen and ask the kind of questions to help you diagnose and effectively address issues. Preferred Qualifications: Audit Experience: Experience with third-party audits or as an internal auditor, particularly within the technology sector. Certifications: Relevant certifications such as CISA, CISSP, or equivalent are desireable. About this role The GRC Senior Analyst will be responsible for leading the GRC team in achieving and maintaining compliance with key third-party certifications. You will work closely with system and control owners across the organization to document, update, and maintain control language, policies, procedures, and other essential documentation. Your role will involve significant interaction with third-party auditors and internal stakeholders, requiring superior written and verbal communication skills. You will also interface with customers, requiring a professional and positive attitude, particularly under pressure. \What you'll be doing Certification Support: Lead in the preparation, submission, and maintenance of key third-party certifications, including CMMC (Cybersecurity Maturity Model Certification) and assisting in SOC 2, ISO 27001, and other frameworks. Documentation Management: Collaborate with system and control owners to document and update control language, policies, procedures, and other documentation required for certifications and audits. Audit Lead: Serve as a primary point of contact during internal and external audits, effectively communicating with third-party auditors and ensuring audit requirements are met. Cross-Functional Collaboration: Work closely with teams across the organization, including IT, security, and operations, to ensure all compliance-related activities are aligned with business goals and regulatory requirements. Customer Interaction: Interface with customers to address compliance-related inquiries, providing clear and concise information with a professional demeanor. Process Improvement: Continuously evaluate and improve GRC processes, ensuring they are efficient, scalable, and aligned with industry best practices. Risk Management: Lead in identifying, assessing, and mitigating risks related to compliance, working with relevant stakeholders to implement necessary controls. Compliance Monitoring: Maintain up-to-date knowledge of regulatory changes and ensure that the company's policies and procedures remain compliant. What you'll have Experience: 7+ years of experience in a GRC, compliance, or audit-related role, with a focus on CMMC, NIST, FedRAMP, or similar frameworks. Communication Skills: Superior written and verbal communication skills, with the ability to interact professionally with auditors, customers, and internal teams. Documentation Skills: Excellent attention to detail in documenting controls, policies, and procedures, with the ability to translate complex concepts into clear and actionable language. Calm Under Pressure: Proven ability to remain calm, collected, and professional under pressure, particularly during audits and customer interactions. Collaboration: Ability to work cross-functionally with various departments and teams to achieve compliance objectives. At Udemy, we strive to be transparent around compensation. Actual compensation for this role is based on several factors, including but not limited to job-related skills, qualifications, experience, and specific work location due to differences in the cost of labor. In addition to a base salary, this role is also eligible for benefits and equity. Hiring Compensation Range $133,000 - $166,000 USD At Udemy, we value diversity and inclusion and consider qualified applicants without regard to race, color, religion, sex, national origin, ancestry, age, genetic information, sexual orientation, gender identity, marital or family status, veteran status, medical condition, or disability. We understand that not everyone will match each of the qualifications. However, we also realize that everyone has unique experiences that can add value to our company. Even if you think your background might not perfectly align, we'd love to hear from you! Why work here? You'll grow here. Learning is part of the job. You'll get full access to Udemy courses, a monthly UDay to invest in yourself, and a budget to spend on whatever helps you improve. Many people are diving into AI lately, but what you focus on is up to you. AI is real here. We use it in the way we learn and the way we work. You'll have the space and tools to experiment, apply, and get better at using AI in practical ways. You'll own your work. We trust people to lead, make decisions, and follow through. You don't need to wait for permission or layers of approval to have an impact. You'll build with others. We collaborate openly and shape ideas together. Everyone has a voice, and good thinking is welcomed from any direction. You'll see your impact. What you build helps people grow their skills, change their careers, or find a path forward. You've got the experience, why not use it to help others gain theirs? Bring your curiosity. We'll bring the platform and the support. Let's LEARN* together.* Our Benefits Start with U Our benefits start with you and were built to provide you and your family with the protection and care you need, making it easy to access the right coverage when you need it most. Benefits vary by region, and we encourage applicants to review our US Benefits, Ireland Benefits & Turkiye Benefits pages to get an understanding of some of the benefits we offer. For details on region-specific benefits, please refer to the information provided during the hiring process. Benefits outlined are provided as a general overview and may vary depending on the location, role, and employment classification. All benefits are subject to change at the discretion of the organization and in accordance with applicable laws and policies. Information regarding data privacy is available within the Udemy Careers Privacy Notice.