We’re in an unbelievably exciting area of tech and are fundamentally reshaping the data storage industry. Here, you lead with innovative thinking, grow along with us, and join the smartest team in the industry.

This type of work—work that changes the world—is what the tech industry was founded on. So, if you're ready to seize the endless opportunities and leave your mark, come join us.

As a Senior Governance, Risk & Compliance (GRC) Analyst, you will transform complex security and compliance requirements into streamlined processes that safeguard our customers and accelerate global growth. You’ll serve as a strategic bridge between technical teams and business functions—including Legal, Privacy, and Product—ensuring risks are visible and decisions are data-driven. By joining the Global Information Security Office, you’ll directly influence our risk posture and operational resilience in a high-scale, SaaS-driven environment.

• Drive Governance and Compliance Metrics and Visibility: Architect and maintain GRC dashboards to provide leadership with actionable insights, ensuring all key governance and compliance metrics are documented and actively managed.
• Advance GRC Strategy & Automation: Collaborate with the Director of GRC to lead strategic GRC projects, drive process automation, and evaluate emerging technologies like AI to enhance GRC function efficiency and effectiveness.
• Standardize Global Compliance: Manage the evolution of our Common Controls Framework (SOC 2, ISO, NIST) by mapping requirements to business processes, ensuring we meet regional and regulatory obligations while maintaining customer trust.
• Manage Security Awareness & Training: Track and report on annual security training completion, partnering with stakeholders to ensure high adoption and enhance the global security awareness program.
• Streamline Security Exception Workflows: Own the end-to-end security exception lifecycle within Jira, validating requests and supporting risk assessments to balance business velocity with necessary security guardrails.
• Develop and Manage GRC Repositories: Consolidate and mature the Governance, Risk, and Compliance (GRC) program documentation into a repository. This central repository will house the GRC charter, links to policy library, risk framework, and compliance mappings (e.g., SOC 2, GDPR), serving leadership, control owners, employees, and auditors. 

• Risk & Framework Proficiency: Deep understanding of mapping business processes to frameworks like SOC 2, ISO 27001, or NIST, with the ability to translate technical security gaps into clear business impact (likelihood, impact, and operational implications).
• Analytical Execution: Technical proficiency in building and managing GRC metrics, dashboards, and risk registers using tools like Jira or GRC platforms to identify trends and support objective decision-making.
• Collaborative Influence: Exceptional communication skills used to align diverse stakeholders from Legal and Finance to Engineering on compliance goals and risk mitigation strategies across a global, SaaS-focused organization preferred.
• Operational Resilience Expertise: Experience navigating third-party risk management and supply chain security within a shared-responsibility model to ensure continuous operational uptime and data protection.
• We are primarily an in-office environment and therefore, you will be expected to work from the Lehi, Utah office in compliance with Pure’s policies, unless you are on PTO, or work travel, or other approved leave.

#LI-ONSITE #LI-KQ1

Salary ranges are determined based on role, level and location. For positions open to candidates in multiple geographical locations, the base salary range is reflective of the labor market across the applicable locations. 

This role may be eligible for incentive pay and/or equity. 

There is no application deadline and we accept applications on an ongoing basis until the job is filled.

WHAT YOU CAN EXPECT FROM US:

• Innovation: We celebrate those who think critically, like a challenge, and aspire to be trailblazers.
• Growth: We give you the space and support to grow along with us and to contribute to something meaningful. We have been named Fortune's Best Workplaces in Technology™, Fortune's Best Workplaces in the Bay Area™, and certified as a Great Place to Work®!
• Team: We build each other up and set aside ego for the greater good.

And because we understand the value of bringing your full and best self to work, we offer a variety of perks to manage a healthy balance, including flexible time off, wellness resources, and company-sponsored team events. Check out purebenefits.com for more information.

ACCOMMODATIONS AND ACCESSIBILITY:

Candidates with disabilities may request accommodations for all aspects of our hiring process. For more on this, contact us at TA-Ops@purestorage.com if you’re invited to an interview.

OUR COMMITMENT TO A STRONG AND INCLUSIVE TEAM:

We’re forging a future where everyone finds their rightful place and where every voice matters. Where uniqueness isn’t just accepted but embraced. That’s why we are committed to fostering the growth and development of every person, cultivating a sense of community through our Employee Resource Groups and advocating for inclusive leadership.

Everpure is proud to be an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or any other characteristic legally protected by the laws of the jurisdiction in which you are being considered for hire.

Join us and bring your best.

Bring your bold.

Pure and simple.