Compliance Analyst

Who We Are Vultr is on a mission to make high-performance cloud infrastructure easy to use, affordable, and locally accessible for enterprises and AI innovators around the world. With 32 global cloud data center locations, Vultr is trusted by hundreds of thousands of active customers across 185 countries for its flexible, scalable, global Cloud Compute, Cloud GPU, Bare Metal, and Cloud Storage solutions. In December 2024 Vultr announced an equity financing at a $3.5 billion valuation. Founded by David Aninowsky and self-funded for over a decade, Vultr has grown to become the world’s largest privately-held cloud infrastructure company. Why Vultr Simply put, Vultr is committed to providing businesses worldwide with the best price-to-performance of any cloud computing platform. Our global reach of data centers and strategic new partnerships provide the foundation to maximize the impact of our existing services, new product improvements, and releases, which in turn, is a catalyst for your own success. Vultr is taking flight, and this is your opportunity to leave your mark on the future of Cloud Infrastructure Join Vultr Vultr is seeking a Compliance Analyst reporting to the Director of GRC who is able to own internal controls and collaborate closely with various stakeholders to support and manage compliance projects and its processes. This role requires collaborating with a global team across US time zones. You will help continuously mature the compliance program, identify and address gaps, and lead internal and external compliance audits in concert with business stakeholders (Engineering, GRC, People Operations, Product and Technical teams) What To Expect Coordinate and manage compliance projects and processes serving as both the project lead and the control owner for various compliance initiatives. Apply risk management knowledge to identify program deficiencies, assess gaps and design and implement controls. Analyze security controls on cloud based systems, perform gap assessments, and map compliance requirements for various frameworks but not limited to SOC 2+, ISO 27001, ISO 27017, ISO 27018, PCI DSS. Provide subject matter expertise for all things compliance, monitoring performance, testing effectiveness of controls, and implementing improvements. Collaborate effectively with cross-functional teams, aligning stakeholders on decisions and reporting requirements and findings to stakeholders and leadership Our ideal candidate will have 3 - 5 years of experience in: Familiarity with industry accepted compliance policies, frameworks, and standards A good understanding of compliance programs, risk assessment methodologies, and operation and verification of internal controls. Ability to analyze business processes, identify risks and dependencies, and propose solutions. Ability to collaborate and influence cross-functional teams, executive management, and regulators. Excellent verbal and written communication skills; effectively write, edit and collaborate, including emails, documentation and slide presentations. Be a collaborative team player with the ability to execute on independent projects. Bonus - Though not required: If you have previous experience working in GRC for a Cloud Hosting Provider If you have experience with GRC and/or Privacy platforms such as AuditBoard, Drata, or One Trust We are an equal opportunity employer and are committed to creating an inclusive environment for all employees. We welcome applications from individuals of all backgrounds and experiences, and we prohibit discrimination based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other protected status under applicable laws. We also take your privacy seriously. We handle personal information responsibly and follow applicable laws, including U.S. privacy rules and India’s Digital Personal Data Protection Act, 2023. Your data is used only for legitimate business purposes and is protected with proper security measures. Where allowed by law, applicants may request details about the data we collect, access or delete their information, withdraw consent for its use, and opt out of nonessential communications. For more details, please see our .