GRC Compliance Analyst

ABOUT HAPPYROBOT

HappyRobot is the infrastructure for enterprises to build and orchestrate AI workforces. Our AI workers don't just communicate - they make decisions, take action, and run operations autonomously across voice, email, and enterprise systems. Born in Y Combinator (S23) and backed by a16z and Base10 with over $60M raised, we power critical operations for global enterprises worldwide.

Our platform is battle-tested in the most demanding environments - where AI has real consequences. We started in logistics, built our own voice stack, models, and orchestration layer from the ground up, and are now bringing that infrastructure to every enterprise that runs the real economy. Learn more about our vision in our manifesto. https://www.happyrobot.ai/blog/manifesto

ABOUT THE ROLE

We are looking for a GRC Analyst to join our Security team. Your mission is to scale our compliance frameworks and ensure we maintain a "continuously audit-ready" state. You will own the day-to-day operations of our GRC platform, manage evidence collection, and act as the primary point of contact for customer security inquiries and external audits.

This is a technical GRC role: you won’t just be checking boxes; you will be working with engineers to automate evidence and ensure our security controls are robust and well-documented.

WHAT YOU’LL DO

- Framework Management: Maintain and improve our compliance posture for SOC 2 Type II and ISO 27001. Assist in the roadmap for future certifications (e.g., HIPAA, GDPR).

- GRC Automation: Administer our GRC platform (e.g., Vanta, Drata) to automate evidence collection and monitor control health in real-time.

- Audit Coordination: Lead external audit cycles, acting as the main interface between auditors and our internal technical teams.

- Customer Trust: Own the security questionnaire process. Build and maintain a "Trust Center" or Knowledge Base to accelerate sales cycles by providing accurate security documentation to prospects...