GRC Analyst

Rogo is hiring a GRC Analyst to support our customer trust, security assurance, and compliance programs as we scale globally. This role plays a critical part in how Rogo communicates its security and privacy posture to customers, partners, and internal stakeholders.

You will work closely with security, engineering, legal, and go-to-market teams to ensure Rogo’s controls, risk posture, and security practices are clearly understood and accurately represented. This is a hands-on role requiring strong written communication, technical curiosity, and continuous improvement across frameworks relevant to the UK, EU, US, and beyond.

What You Will Own

• Support Rogo’s customer trust and security assurance processes, including responding to customer security inquiries and risk assessments.
• Serve as a key point of contact for customer security reviews, partnering with internal teams to provide accurate, consistent, and timely responses.
• Maintain and improve Rogo’s security documentation and response materials, ensuring alignment with current systems and controls.
• Collaborate with security and engineering teams to understand and articulate technical controls in a customer-facing context.
• Support compliance initiatives across frameworks such as SOC 2, ISO 27001, ISO 42001, EU AI Act, UK Cyber Essentials, and GDPR, including evidence collection and audit readiness.
• Identify common themes and gaps surfaced through customer inquiries and contribute to continuous improvement of security and compliance practices.
• Help streamline and scale trust-related workflows as customer volume and enterprise requirements grow.

What You Will Need

• Experience supporting customer-facing security, compliance, or trust functions at a SaaS or cloud-native company.
• Experience translating technical security concepts into clear, concise written responses.
• An understanding of common enterprise security expectations across areas such as cloud infrastructure, access control, data protection, and incident response.
• Strong attention to detail and the ability to manage multiple parallel requests without sacrificing quality.
• Clear communication skills with both technical and non-technical stakeholders.
• Sound judgment when handling sensitive or ambiguous security questions.
• Interest in operating at the intersection of security, compliance, and customer engagement.

Bonus:

• Experience working with security questionnaires, audits, or third-party risk assessments.
• Exposure to cloud security concepts (AWS/GCP, Kubernetes, IAM).
• Experience improving or scaling trust, GRC, or compliance processes in growing organizations.
• Prior experience supporting enterprise customers.
• Comfort engaging with financial services customers on security, risk, and compliance topics.

Who You Are

• You thrive in fast-paced environments. You are high-intensity and care a lot about what you do, and you're ecstatic to work at a startup.
• You are ambitious. You have fun solving problems that others think are impossible.
• You are curious. You find joy in learning about AI, technology, and finance.
• You are an owner. You are autonomous, self-directed, and comfortable working with ambiguity.
• You are collaborative, organized, thoughtful, and kind.