Governance, Risk, and Compliance Analyst, Fetch

Salary not provided

+ Equity

AWS
Windows
Okta
Mid level
Remote in US
Chicago
Fetch

Mobile shopping and rewards platform

501-1000 employees

B2C, Lifestyle, eCommerce

Company mission

To help reimagine what shopping looks like.

Role

Who you are

  • Bachelor’s Degree in Information Security, Cybersecurity, Information Technology, or a related field
  • GRC-related certifications such as CRISC or CISM are preferred
  • Knowledge of SOC2 certification requirements and auditing processes is preferred
  • Knowledge of industry standards such as SOC2, ISO 27001, NIST, PCI DSS, GDPR, and CCPA
  • 3+ years of experience in Governance, Risk, and Compliance roles, focusing on security compliance and risk management
  • Hands-on experience with compliance platforms like Vanta preferred
  • Experience managing SOC2 certification efforts, including preparation, audit facilitation, and remediation
  • Strong understanding of risk management frameworks and best practices
  • Proven ability to perform and lead risk assessments and vendor risk evaluations
  • Experience working with people management and IT to ensure employee onboarding and offboarding steps are performed securely and in a timely manner to meet compliance requirements
  • Strong project management and organizational skills
  • Excellent written and verbal communication skills, with the ability to translate technical requirements into business-friendly language
  • Attention to detail and strong analytical skills
  • Ability to work collaboratively across departments, particularly with IT, Legal, and Business Operations teams
  • Experience with cloud computing environments (AWS preferred)
  • Strong understanding of identity providers (Okta preferred)
  • Familiarity with Mac and Windows management and security issues

What the job involves

  • The Governance, Risk, and Compliance (GRC) Analyst is responsible for managing and overseeing the company’s Information Security Governance framework and Risk Management program
  • The role ensures that the organization complies with regulatory requirements, industry standards, and internal policies while mitigating risks that could negatively impact the business
  • The GRC Analyst will play a key role in leading the organization’s SOC2 certification efforts and leveraging tools like Vanta to streamline compliance and risk management
  • Governance & Compliance:
      • Develop and maintain security policies, standards, and procedures that align with industry best practices and regulatory requirements
      • Manage and oversee the SOC2 compliance program, ensuring all controls are implemented, maintained, and audited successfully
      • Assist in compliance assessments (SOC2, ISO 27001, CCPA, etc.) and support internal and external audits
      • Collaborate with cross-functional teams to address any gaps identified during audits or assessments and develop remediation plans
      • Ensure alignment of security controls with business and regulatory requirements, recommending updates to policies as needed
  • Risk Management:
      • Perform risk assessments, identifying information security risks, evaluating their impact, and recommending risk mitigation strategies
      • Maintain and update the organization’s risk register and assist in developing risk treatment plans
      • Conduct vendor risk assessments, reviewing third-party security controls and ensuring compliance with contractual agreements and regulations
      • Develop and maintain key risk indicators to track and report on security risks across the organization
  • GRC Platform Implementation & Management:
      • Leverage a GRC platform to monitor and manage compliance activities, automate evidence collection, and track the company’s progress toward SOC2 certification
      • Ensure that the GRC platform is properly configured to meet the company’s compliance objectives and maintain system integrity
      • Work closely with internal teams to integrate the GRC platform with various systems and processes, ensuring a smooth, automated compliance workflow
      • Provide training and guidance to employees on the use of Vanta and on compliance-related responsibilities
  • Audit Support & Reporting:
      • Support both internal and external audit processes, ensuring that appropriate documentation and evidence are provided on time
      • Work with stakeholders to ensure audit findings are tracked and remediated efficiently
      • Prepare and present reports to senior management, outlining risk assessments, compliance statuses, and remediation efforts
  • Continuous Improvement:
      • Stay current with industry best practices, regulatory changes, and emerging threats to continuously improve the organization’s GRC posture
      • Propose and implement improvements to the organization’s security program, ensuring alignment with the latest security frameworks and compliance requirements
      • Engage in continuous education and certification opportunities relevant to the role (e.g., CISM, CRISC)

Our take

Leading mobile shopping and loyalty platform Fetch has seen explosive success in recent years. Its concept is simple: users receive spendable points in exchange for scans of their shopping receipts.

The app has tens of millions of daily active users with even more downloads, and has seen impressive growth, having now reached 'unicorn' status twice over. This should come as no surprise. Brand reinforcement is crucial to customer retention and acquisition - but it is harder than ever, with the fragmentation of choice on the market and the declining efficacy of marketing. So material loyalty benefits are likely to prove a crucial tool in creating and leveraging a strong customer base.

Whilst Fetch faces competition from similar receipt-scan rewards platforms like ReceiptPal and Ibotta, it grew into a profitable company in late 2023. It is using its most recent Morgan Stanley-backed funding to aggressively add brand partners at a competitive pace and onboard staff at a level that promises strong continued growth.

Steph

Company Specialist at Welcome to the Jungle

Insights

Some candidates hear back within 2 weeks

10% employee growth in 12 months

Company

Employee endorsements

Flexible working

"I work unusual hours. I'm a night owl and hate mornings. I don't get any push back for working non-traditional hours."

Funding (last 2 of 7 rounds)

  • Apr 2022: $120m (Series E)
  • Mar 2021: $210m (Series D)

Total funding: $456.6m

Company benefits

  • Stock Options: Fetch wants you to be on the rocketship with us! Options will give you the opportunity to share the excitement of the company growth and have your own stake in its success
  • 401k Match: We match 100% of the first 3% of your 401K contribution
  • Benefits for humans and pets: We offer comprehensive PPO and HDHP plans (Dental | Vision | Life Insurance) in addition to pet insurance, fully covered for the first pet. Our bereavement leave also includes our furry friends
  • Continuing Education: Fetch provides up to $10,000 per year in education reimbursement support for any job-related courses/programs/certifications. You will also have access to Udemy, an online course provider with thousands of topics to discover
  • Employee Resource Groups: Take part in employee-led groups that are centered around fostering a diverse and inclusive workplace through events, dialogue and advocacy. Current groups include Amplify BiPoC, Amplify Women, Amplify LGBTQ+, Amplify Family, and Amplify Veterans
  • Paid Time Off: On top of our flexible PTO, Fetch observes 9 paid holidays, including Juneteenth and Indigenous People’s Day, as well as our End-of-Year break
  • Robust Leave Policies: Whether it’s for you or a loved one, Fetch offers generous leave time for various health and personal needs that take you away from work. Our parental leave policy provides 18 weeks of paid time off for primary caregivers, 12 weeks for secondary caregivers, and the option to create a flexible return to work schedule in the last few weeks of leave
  • Wellness Program: Utilize these tools and resources to bring your best self to work each day
      • Wellness coach on staff to help you create goals, provide accountability and support you on your wellness journey
      • Nutrition counseling through Charge Nutrition
      • Gympass membership to access in-person gyms, virtual workout classes, meditation apps, and much more
      • Employee Assistance Program (EAP) provides no cost, confidential resources and services to help navigate life's many changes and challenges
  • Hybrid Work Environment: Collaborate with your team in one of our stunning offices in Madison, Birmingham or Chicago 1 - 2 times per week. We’ll ensure you are equally equipped with the hardware and software you need to get your job done in the comfort of your home
  • Social Impact Efforts: Take part in volunteer events or donate to your favorite organizations through BrightFunds

Company values

  • Speed
  • Trust
  • Action
  • Diversity

Company HQ

Madison, WI

Leadership

Founded Fetch while in undergrad at UW-Madison and grew the company into the nation's No. 1 rewards app, connecting millions of consumers with their favorite brands.

Tyler Kennedy (VP of Operations)

Studied Business Administration at the University of Wisconsin-Madison. Founded his first company, a yacht detailing company, when he was only fourteen.

Diversity, Equity & Inclusion at Fetch

Shonita Torry, SHRM-CP (Diversity, Equity, Inclusion, & Belonging Specialist)

  • Diversity, Equity, Inclusion, and Belonging are key areas of focus for Fetch as we grow.
  • As we build a more DEIB-focused organization, it is every one of our jobs to become more inclusive in our thoughts, speech, decisions and actions.
  • Diversity. The presence of a multitude of demographic differences within our teams.
  • Equity. Promoting fairness while acknowledging the different needs of individuals within our organization as they pertain to our internal processes and procedures.
  • Inclusion. Our focus on our employees feeling they are respected, have agency and are able to participate and achieve their goals.
  • Belonging. The sentiments and feelings of psychological safety and support when inclusion is realized. Belonging occurs when there is an acceptance of individuals regardless of their intersections of identity.
  • Our objective is for people of all identities to be included and represented across our organization. We practice inclusion and representation by amplifying voices, creating and maintaining respectful relationships, and cultivating an equitable workplace and community for all.
  • To accomplish this objective, we've implemented New Hire INCLUSION orientation on day one.
  • "My personal belief is that when a company leads with INCLUSION first, then Diversity, Equity, and Belonging will organically grow. This is what we are creating at Fetch - a CANVAS of INCLUSION. You get to help paint on this canvas." Shonita Torry SHRM-CP, DEIB Specialist