The Company:

Marigold is a fast-growing marketing technology company helping growing businesses build stronger customer relationships through its three core platforms: Emma, Campaign Monitor, and Vuture. We deliver powerful tools for email, SMS, and marketing automation that elevate engagement and drive real results. Marigold is headquartered in Nashville, Tennessee with offices in Sydney and London.

The Role:

The Cyber GRC Analyst will support Marigold’s global cybersecurity governance, risk management, and compliance program. This role requires a foundational understanding of cybersecurity principles, regulatory requirements, and industry-accepted practices to help ensure Marigold’s assets are secure and the integrity of our operations is maintained.

Protecting customer data is a critical concern for our customers and prospects and is often a key factor in their decision to trust our services. This role plays a meaningful part in providing those assurances while supporting Marigold’s continued growth.

In this role, you’ll gain exposure to enterprise and product security controls and collaborate closely with a globally diverse team across product, engineering, infrastructure, legal, and sales.

What You’ll Do:

• Support the development and implementation of cybersecurity governance, risk, and compliance frameworks tailored to Marigold’s products and services.

• Participate in risk assessments to identify threats, vulnerabilities, and gaps in the company’s security posture.

• Collaborate with internal stakeholders to establish and enforce security policies, standards, and procedures.

• Support compliance initiatives and audits aligned with recognized frameworks and standards such as ISO 27001, SOC, NIST, PCI-DSS, and related controls.

• Coordinate responses to customer security assessments, questionnaires, RFPs, data protection agreements, and audit requests.

• Manage third-party risk assessments and vendor security evaluations to help mitigate supply chain risk.

About You:

You’re curious, organized, and motivated by protecting systems, data, and customer trust. You’re comfortable managing multiple priorities, working cross-functionally, and translating security concepts into clear, practical guidance for a variety of audiences.

Ideal Qualifications:

• Experience supporting cybersecurity governance, risk, and compliance activities in a technology-driven environment.

• Solid understanding of information security concepts, controls, and risk management practices.

• Strong time management and organizational skills with the ability to prioritize effectively.

• Excellent written and verbal communication skills across technical and non-technical audiences.

• Ability to work independently while collaborating effectively across teams and organizational levels.

Nice to Have:

• Experience with compliance frameworks such as ISO 27001, SOC, NIST, HITRUST, or CIS Controls.

• Familiarity with cloud security and secure software development lifecycle practices.

• Experience with tools such as Jira, Confluence, Salesforce, Loopio, Safebase, or enterprise GRC platforms.

Compensation & Benefits

Compensation:
The base salary range for this role is $80,000 - $90,000 annually.

The compensation range represents the pay the Company reasonably expects to offer for this position. Actual compensation will be determined based on factors such as skills, experience, qualifications, internal equity, geographic location, and applicable law.

Benefits:

• Competitive benefits including: medical/dental/vision insurance, life/accident/disabilities insurance, supplemental health benefits, FSA, EAP and pet insurance

• Generous time off (we call it Open Time Away) as well as paid holidays and a birthday benefit day off.

• Paid Volunteer Time

• 401k plan with a company match on your contributions.

• Employee-centric and supportive remote work environment with flexibility.

• Support for life events including paid parental leave.