Governance, Risk & Compliance Analyst

Smarsh empowers its customers to manage risk and unleash intelligence in their digital communications. Our growing community of over 6500 organizations in regulated industries counts on Smarsh every day to help them spot compliance, legal or reputational risks in 80+ communication channels before those risks become regulatory fines or headlines. Relentless innovation has fueled our journey to consistent leadership recognition from analysts like Gartner and Forrester, and our sustained, aggressive growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008.

As a GRC Analyst based in Bangalore, you’ll play a key role in supporting the day-to-day operations of the global GRC program. You’ll help triage and manage incoming GRC requests, coordinate vendor security reviews, support client assurance activities, and maintain records in GRC systems. This role is ideal for someone early in their GRC career who thrives on structure, enjoys process-driven work, and takes pride in keeping tasks flowing efficiently across global teams.

Core Responsibilities

GRC Queue Management & Triage

Monitor and manage the GRC team’s shared queue, triaging inbound requests from internal stakeholders and customers.

Prioritize and assign tasks related to audits, DDQs, risk assessments, and vendor reviews.

Maintain accurate tracking and reporting of GRC requests and responses using Jira Service Desk.

Vendor & Third-Party Risk Reviews

Conduct initial vendor security assessments using Smarsh templates and questionnaires.

Review supplier documentation (SOC 2 reports, ISO certificates, penetration test summaries, etc.).

Escalate higher-risk findings to senior GRC team members and ensure closure tracking.

Maintain the vendor risk register and ensure documentation is current.

Client Assurance Support

Assist in responding to client security questionnaires and due-diligence requests.

Manage document requests via trust portals or NDAs (e.g., SOC 2, ISO 27001, policies).

Coordinate with Legal and Sales to ensure consistent and timely client responses.

GRC Documentation & Evidence Management

Maintain GRC repositories and ensure evidence is correctly filed and version-controlled.

Support audit preparation through document collection and formatting.

Help maintain trackers for control testing, risk remediation, and policy acknowledgements.

Operational Reporting & Tooling

Update GRC dashboards and metrics under guidance from senior analysts.

Support the configuration and upkeep of GRC tools and Jira workflows.

Identify opportunities for automation or process improvement.

What We’re Looking For

Essential Experience

1–3 years’ experience in information security, compliance, or IT risk.

Familiarity with frameworks such as ISO 27001, SOC 2, NIST CSF.

Experience with vendor risk or client assurance activities.

Strong process skills with the ability to follow and improve workflows.

Excellent written communication and attention to detail.

Comfortable working with distributed global teams.

Desirable

Prior experience with Jira and Jira Service Desk is highly desirable.

Exposure to GRC or audit tools (e.g., Hyperproof, Drata, Vanta, Archer).

Experience working in a SaaS or regulated environment.

Certifications such as ISO 27001 Internal Auditor, CISA, or equivalent.

Success in this Role Looks Like

GRC queues are triaged and processed efficiently.

Vendor reviews are completed accurately and on time.

Client assurance requests are handled consistently and professionally.

GRC documentation and evidence are always audit-ready.

Why Smarsh

Smarsh hires lifelong learners with a passion for innovating with purpose, humility, and humor. Collaboration is at the heart of everything we do. We work with the most widely used communications platforms and leading cloud infrastructures, applying the latest AI / ML technologies to deliver solutions at scale.

As a global organization, we value diversity and encourage everyone to bring their authentic selves to work. Our leadership, culture, and people-first approach have earned multiple Comparably.com Best Places to Work Awards. Join us and discover the best work of your career.