GRC Due Diligence Analyst

8x8, Inc. (NASDAQ: EGHT) believes that CX limits were meant to be shattered. We connect people and organizations through seamless communication on the industry's most integrated platform for Customer Experience—combining Contact Center, Unified Communications, and CPaaS APIs. The 8x8® Platform for CX integrates AI at every level to enable personalized customer journeys, drive operational excellence and insights, and facilitate team collaboration.

We help customer experience and IT leaders become the heartbeat of their organizations, empowering them to unlock the potential of every interaction. With one platform, one ecosystem, and one data model, you can turn every team into a customer-facing team and unify your CX to conquer the complexity. 

As an organization, we are looking for Team8s who are AI-proficient, open to innovation, and skilled in leveraging AI for efficiency and growth.

Learn more on our company website at www.8x8.com follow our pages on LinkedIn, Twitter, Facebook and Instagram.

8x8 is seeking a GRC Due Diligence Analyst. This role will report directly to the Director, GRC and is based in Romania.

The Due Diligence Analyst is responsible for managing security and compliance-related customer inquiries, coordinating with internal and external teams to ensure timely responses, and supporting audit, privacy management and sales enablement processes. This role involves tracking and documenting customer requests, facilitating security policy exceptions, processing data subject access requests (DSARs), and assisting with evidence allocation / collection in support of security audits (e.g.ISO, SOC 2, PCI) and assisting with Vendor Risk Management tasks. The ideal candidate will have strong organizational skills, attention to detail, and experience in security, compliance, or due diligence related functions and be comfortable participating in customer facing engagements.

The GRC Due Diligence Analyst is an exciting and dynamic role that is highly visible and has a direct impact on 8x8's success.  

About the Team;

The 8x8 Security team works to ensure the security of all 8x8 and customer data, along with that of 8x8's subsidiaries, and the security of 8x8 systems and products. Our goal is to ensure that 8x8's services and products are secure, trusted, and safe, and that customers receive the assurances they need in order to select and use 8x8 products. 

What you’ll do;

Receive, track and respond to requests for information in support of sales and customers due diligence activity. 

You will participate in our GRC strategy, roadmap, and compliance programs. 

Strategize and plan the approach for customer meetings to ensure that the best outcome is achieved first time.  

Work closely with internal teams, including Engineering and Product teams, to ensure they have necessary and sufficient evidence of compliance with 8x8’s internal controls, regulatory requirements, and 8x8's policies and procedures in advance of customer interactions.

Identify and report on any compliance gaps or requirements raised by customers to increase 8x8’s competitive edge.

Work with internal teams, and regulatory agencies to provide evidence of compliance and schedule and participate in meetings between sales teams and customers. 

Work closely with internal and external partners to facilitate our Vendor Risk Management process. 

Provide regular status updates to management.

Work with senior security engineering leaders to align priorities, to ensure the success of critical projects which often extend across teams at 8x8.

Requirements;

An understanding of the GRC domain as it relates to technology and Cloud services  companies.

Knowledge of and experience with the information technology certification and management frameworks;

ISO/IEC 27001 and NIST 800-53 R5;

Cyber Essentials Plus certification;

SOC 2 Type 2;

PCI-DSS 4.0;

HITRUST;

HIPAA;

Recent and relevant legal, regulatory and privacy requirements relating to the communications and technology environment.

Strong communication and coordination skills, with the ability to work cross-functionally.  

Excellent organizational skills, with the ability to track and manage multiple requests simultaneously. 

The ability to effectively and concisely communicate complex information, both verbally and in writing, to both technical and non-technical audiences.

Experience with GRC management tools (e.g. Asana, Prevalent, DataGrail, Alyne).

Skills that are a plus;

2 years experience in the GRC / Due Diligence environment. 

CISSP/CIA certification (or working towards).

Knowledge of SOX compliance and SOX certification experience.

Experience working with Sales teams and customers. 

The ability to effectively communicate with, and influence customers in support of sales

Experience and knowledge of the telecommunications industry and associated technologies, particularly VoIP and Cloud communications services. 

Experience performing due diligence requirements reviews.

Experience of GRC Policy Maintenance.  

This role is an excellent opportunity for individuals looking to commence their career or expand their experience in security, compliance, and privacy management while working in a dynamic and collaborative environment.

For a closer look into what life at 8x8 International and the Cluj office look like check out our Instagram page.

8x8 believes diversity makes our company stronger which is why we are a proud equal opportunities employer and encourage all of our staff to bring their authentic selves to work. We believe in fairness and we believe in security so reserve the right to undertake background checks on anyone that we extend an employment offer to.

Our Job Applicant Privacy Notice can be found here.