Risk & Compliance Analyst

Hudl•Lincoln, NE

21h•Hybrid

About The Position

At Hudl, we build great teams. We hire the best of the best to ensure you’re working with people you can constantly learn from. You’re trusted to get your work done your way while testing the limits of your potential and what’s next. We work hard to provide a culture where everyone feels supported, and our employees feel it—their votes helped us become one of Newsweek's Top 100 Global Most Loved Workplaces. We think of ourselves as the team behind the team, supporting the lifelong impact sports can have: the lessons in teamwork and dedication; the influence of inspiring coaches; and the opportunities to reach new heights. That’s why we help teams from all over the world see their game differently. Our products make it easier for coaches and athletes at any level to capture video, analyze data, share highlights and more. We are looking for a Risk & Compliance Analyst to be a trusted, community-oriented colleague within our Trust Operations program, ensuring our frameworks are ready to meet the evolving needs of our customers and global regulations. You will confidently manage our regulatory and privacy obligations by designing and implementing robust compliance controls across a unified framework. This role requires you to drive risk reduction through scalable solutions and ensure firm alignment with our standards and policies. You'll serve as a key partner, building collaborative relationships across functional areas, with stakeholders, vendors, and customers. Your critical work will ensure our frameworks are positioned to exceed customer expectations and regulatory obligations as our business evolves. You're the vital safeguard, ensuring we consistently keep our promises. You’ll work across the company to build scalable solutions that reduce risk while maintaining the high standards of privacy and security Hudl is known for.

Requirements

Three to five years of experience in GRC, security or privacy, ideally within the SaaS or IoT industries.
Experience creating and maturing IT control frameworks like SOC 2, NIST 800-53 or ISO 27001/2.
Ability to take complex security/privacy concepts and make them easy for non-technical audiences to understand.
Resourceful problem-solver who can identify innovative approaches to complex compliance issues.
Humble, curious and ready to listen to understand while helping our teams navigate regulatory landscapes.
Experience with reporting and providing an analytical perspective.
Process improvement mindset.
Ability to translate requirements into repeatable operational practices.

Nice To Haves

Hold one or more GRC certifications from ISACA, IAPP, ISC2 or SANS.
A degree in computer science, information systems, risk management, information security or a related field (though we’re happy to consider equivalent work experience).
Experience working with GRC tools and a solid understanding of security/privacy engineering.
Curious about how AI can improve GRC processes and have a baseline understanding of the ethics and risks associated with AI and machine learning.
Experience creating, owning, and maturing organizational control and security frameworks.
Versed with SOC 2 and ISO 27001 implementation experience.
Deep knowledge of regulatory and privacy landscapes.
Comfortable with managing projects and can navigate timelines and schedules.

Responsibilities

Manage our Trust Operations program. You’ll support the Manager of Trust Operations to implement risk management, and compliance strategies that ensure we meet legal requirements like GDPR, FERPA, ISO 27001/2 and SOC 2.
Collaborate across the business. You’ll partner with Sales and Legal on inbound security/privacy questions, work with various departments on security/privacy practices and help teams implement security/privacy controls.
Build resilience and awareness. You’ll help create and maintain security/privacy awareness content to keep our mission secure.
Drive vendor integrity. You’ll help manage our vendor risk program, by conducting risk reviews and maintaining a register of risk profiles.
Provide actionable insights. You’ll track and report key metrics to senior leadership, ensuring we stay proactive in our governance and risk reduction efforts.