Sr Analyst, Governance Risk and Compliance @ Demandbase

India | Remote | Full-time | Posted 38 days ago

About this role

Introduction to Demandbase:

Demandbase is the only pipeline AI platform that empowers GTM teams to automate growth at scale. With a unified view of data, insights, actions, and outcomes, B2B enterprises can seamlessly align and execute their account-based GTM strategies with confidence. Thousands of businesses trust Demandbase to maximize revenue, minimize waste, and consolidate their data and tech stacks – all in one platform.

As a company, we’re as committed to growing careers as we are to building world-class technology. We invest heavily in people, our culture, and the community around us. We have also continuously been recognized as One of The Best Places To Work in the San Francisco Bay Area by Fortune, and One of The 60 Best Companies To Sell For by Selling Power. Our offices are located in San Francisco, New York, Austin, Seattle, India, and the United Kingdom.

About the Role

As a Senior GRC Analyst, you will play a key role in advancing Demandbase’s global Governance, Risk, and Compliance (GRC) program. This role requires a balance of hands-on execution and independent judgment, ensuring that compliance requirements are not only met, but translated into meaningful risk management outcomes.

Reporting to the Senior Director of GRC, you will work cross-functionally to drive audit readiness, assess risk, and strengthen the company’s security and compliance posture. You will be expected to operate with a high degree of independence, taking ownership of work from initial assessment through final validation and closure.

This is an opportunity to contribute directly to a growing global security program and build deep expertise across governance, risk, compliance, and emerging domains such as AI assurance.

This is a fully remote position based in India. Some flexibility is required for calls during U.S. business hours each week. Candidates should be able to accommodate 2–3 late evening calls per week (IST), typically between 6:30–10:00pm IST.

Roles & Responsibilities

Execution & Ownership

Independently execute audit and compliance activities, including walkthroughs, control testing, and evidence review

Drive audit findings and remediation efforts through to completion, ensuring issues are fully validated and appropriately closed

Take ownership of deliverables and ensure they are complete, accurate, and ready for use without rework

Identify gaps during execution and proactively drive resolution or escalate where needed

Risk Analysis & Decision Support

Analyze risk and compliance data to identify trends, gaps, and areas of concern

Translate findings into clear, prioritized actions that can inform business decisions

Move beyond reporting to ensure outputs are actionable and tied directly to risk outcomes

Provide input into risk posture and help guide where attention and resources should be focused

Framework Application & Practical Implementation

Apply working knowledge of frameworks such as ISO 27001, ISO 27701, ISO 42001, SOC 2, and NIST to real-world scenarios

Translate control requirements into practical implementation steps for technical and business teams

Ensure controls are not only documented, but operationally effective and aligned to risk

Policy & Documentation Management

Maintain and update policies and documentation with a focus on accuracy, clarity, and usability

Perform end-to-end validation of documentation, including verifying links, references, and consistency

Identify and clearly communicate gaps in documentation, even when ownership resides with another team

Ensure documentation reflects current state and supports audit and compliance needs

Cross-Functional Collaboration

Work with engineering, product, and business teams to drive compliance outcomes

Communicate clearly with both technical and non-technical stakeholders

Navigate ambiguity and move work forward by identifying next steps and removing blockers

Balance collaboration with ownership of outcomes, not just coordination

Qualifications

4–8+ years of experience in Governance, Risk, Compliance, Security, or Audit roles

Strong working knowledge of ISO, SOC 2, and/or NIST frameworks

Experience supporting or executing audit and compliance activities

Ability to evaluate evidence and determine whether it adequately addresses risk

Strong analytical skills with the ability to move from data to insight to action

Clear and confident communication skills across global teams

Candidates should demonstrate prior experience independently owning and driving audit, risk, or compliance work to completion, including validating deliverables and determining next steps without relying on continuous direction

Bachelor’s or Master’s degree in Computer Science, Information Systems, Information Security, or a related field

Preferred

Experience in a SaaS or technology company

Experience with GRC tools (Hyperproof, Vanta, MetricStream, etc.)

Exposure to AI governance, third-party risk, or security reviews

Relevant certifications such as CISA, CISM, CRISC, ISO 27001 Lead Auditor/Implementer, or equivalent are preferred, but not required.

Benefits

Our benefits include Group Medical, Personal Accident, and Term Life Insurance for comprehensive protection. Preventive healthcare covers dental, vision, and OPD needs, complemented by strong mental health support. We also provide a fitness benefit, car lease policy, and gratuity for long-term financial well-being.

Our Commitment to Diversity, Equity, and Inclusion at Demandbase

At Demandbase, we believe in creating a workplace culture that values and celebrates diversity in all its forms. We recognize that everyone brings unique experiences, perspectives, and identities to the table, and we are committed to building a community where everyone feels valued, respected, and supported. Discrimination of any kind is not tolerated, and we strive to ensure that every individual has an equal opportunity to succeed and grow, regardless of their gender identity, sexual orientation, disability, race, ethnicity, background, marital status, genetic information, education level, veteran status, national origin, or any other protected status. We do not automatically disqualify applicants with criminal records and will consider each applicant on a case-by-case basis.

We recognize that not all candidates will have every skill or qualification listed in this job description. If you feel you have the level of experience to be successful in the role, we encourage you to apply!

We acknowledge that true diversity and inclusion requires ongoing effort, and we are committed to doing the work required to make our workplace a safe and equitable space for all. Join us in building a community where we can learn from each other, celebrate our differences, and work together.

Unsolicited Submissions

At Demandbase, we value thoughtful partnerships and direct connections with candidates. We’re not accepting unsolicited resumes or outreach from third-party recruiting agencies. Any unsolicited submissions will not be reviewed, and no fees will be paid.

Skills

Legal and Compliance, Legal
