💼 About This Role

You'll mature and operate Asana's compliance program across SOC 2, ISO 27001, and FedRAMP. You'll partner with Engineering, Legal, and Privacy to ensure controls are effective and evidence pipelines are reliable. This role combines traditional GRC with compliance automation in a high-growth SaaS environment.

🎯 What You'll Do

• Maintain control frameworks for SOC 2, ISO 27001, FedRAMP.
• Support external compliance audits end-to-end.
• Own monthly FedRAMP ConMon package submission.
• Drive evidence collection automation in GRC platform.

📋 Requirements

• 3+ years in GRC, information security, or related field.
• Foundational knowledge of SOC 2, ISO 27001, or FedRAMP.
• Ability to translate compliance requirements to technical and non-technical teams.
• Organized and deadline-driven with multiple workstreams.

✨ Nice to Have

• Exposure to compliance automation or evidence collection tooling.
• Scripting or API integration skills.
• Curiosity about modern SaaS engineering.

🎁 Benefits & Perks

• 🧠 Mental health, wellness & fitness benefits
• 🎓 Career coaching support
• 👶 Inclusive family building benefits
• 💰 Long-term savings or retirement plans
• 🍽️ In-office culinary options

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Hiring Manager Interview· 45 min
3. 3Technical Interview· 60 min