Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Own and improve our GRC program while collaborating with technical teams.
- Company: Join Synthesia, a leading AI video platform trusted by top brands.
- Benefits: Enjoy remote work, competitive salary, and opportunities for professional growth.
- Other info: Be part of a passionate team shaping the future of AI.
- Why this job: Make a real impact in a fast-growing AI unicorn and enhance your skills.
- Qualifications: Hands-on technical background and eagerness to learn about compliance.
The predicted salary is between 60000 - 80000 ÂŁ per year.
Synthesia is the world’s leading AI video platform for business, used by over 90% of the Fortune 100. Founded in 2017, the company is headquartered in London, with offices and teams across Europe and the US. As AI continues to shape the way we live and work, Synthesia develops products to enhance visual communication and enterprise skill development, helping people work better and stay at the center of successful organizations.
We are looking for a GRC Analyst to help us run and evolve our governance, risk, and compliance program in a way that is credible with technical teams and useful for the business. We are not looking for a traditional “paper compliance” role. The ideal candidate has a strong technical foundation - whether from engineering, IT management, DevOps, SRE, or a similar hands-on background - and can bridge the gap between how systems are actually built and operated (GitHub, CI/CD, Kubernetes, cloud, observability) and what we need to demonstrate for audits, customers, and leadership.
You will work closely with Engineering, DevOps/Platform, Security, Legal, and customer-facing teams to keep us audit-ready, reduce risk in practical ways, and support the next wave of compliance efforts (for example ISO 22301, and longer-term options like HITRUST and FedRAMP). You don’t need to be a compliance expert, but if you have a solid background in security, are eager to learn, and are ready to be bold and take ownership, this role offers a great opportunity to grow quickly and actually have a real impact in a hypergrowth AI unicorn.
What you'll be doing:
- GRC Program Ownership
- Own and continuously improve our GRC program across ISO 27001, SOC 2, ISO 27701, and ISO 42001, including control mapping and evidence expectations.
- Partner with control owners to make compliance repeatable and low-friction - evidence as a habit, not a scramble.
- Drive audit readiness: artifacts, timelines, action tracking, and clear control demonstration.
- Improve policies, standards, and procedures so they reflect how we actually operate.
- Technical-to-Compliance Translation
- Build strong working relationships with DevOps/Platform and engineering teams.
- Evaluate technical implementations - branch protection, CI/CD, Kubernetes, cloud architecture, monitoring - well enough to ask good questions and validate evidence.
- Translate technical reality into clear audit narratives without losing accuracy.
- Risk Management
- Contribute to risk identification and assessment across technical, operational, and vendor domains.
- Maintain risk registers and track mitigations to closure.
- Support leadership reporting by surfacing themes and trends that lead to real decisions.
- Growth into Future Certifications
- Evaluate and prepare for ISO 22301, and potentially HITRUST and FedRAMP as business needs evolve.
- Identify gaps early and propose pragmatic roadmaps that engineering teams can execute.
We'd love to hear from you if you:
- Have a hands-on technical background (engineering, DevOps/SRE, IT management, or similar) and understand how cloud environments work, especially AWS.
- Can follow technical conversations well beyond what a traditional auditor can - you understand how the sausage is made.
- Have experience supporting audit cycles and know what good evidence looks like.
- Are organised, proactive, and can drive multiple workstreams independently - with clear, thoughtful communication across both technical and business audiences.
- Have technical aptitude: comfortable writing a simple script when needed, and experienced using AI and LLM tools in your work.
Bonus points if you:
- Have direct experience with ISO 27001, SOC 2, ISO 42001, or ISO 27701, or have worked in ISO 22301, HITRUST, or FedRAMP environments.
- Have used GRC tooling such as Vanta, Drata, or OneTrust.
- Have built lightweight automation to reduce compliance toil.
- Have worked in a fast-growing SaaS company and supported an external audit.
Why join us?
We’re living the golden age of AI. The next decade will yield the next iconic companies, and we dare to say we have what it takes to become one.
Our culture
At Synthesia we’re passionate about building, not talking, planning or politicising. We strive to hire the smartest, kindest and most unrelenting people and let them do their best work without distractions. Our work principles serve as our charter for how we make decisions, give feedback and structure our work to empower everyone to go as fast as possible.
Serving 50,000+ customers (and 50% of the Fortune 500)
We’re trusted by leading brands such as Heineken, Zoom, Xerox, McDonald’s and more.
Proprietary AI technology
Since 2017, we’ve been pioneering advancements in Generative AI. Our AI technology is built in-house, by a team of world-class AI researchers and engineers.
AI Safety, Ethics and Security
AI safety, ethics, and security are fundamental to our mission. While the full scope of Artificial Intelligence's impact on our society is still unfolding, our position is clear: People first. Always.
The hiring process:
- 30-40min call with our Technical Recruiter
- 60mins call with the Hiring Manager about your past projects
- Take-Home Assignment
- 90mins Debrief with the Hiring Manager and our Head of Security
Other important info:
This is a remote role from the UK OR an EU country. This is full-time employment only - no contractors possible.
GRC Analyst in London employer: Synthesia
Contact Detail:
Synthesia Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land GRC Analyst in London
✨Tip Number 1
Network like a pro! Reach out to folks in your industry on LinkedIn or at events. A friendly chat can open doors that a CV just can't.
✨Tip Number 2
Prepare for those interviews! Research Synthesia and its GRC needs. Show us you understand our tech and how you can bridge the gap between compliance and engineering.
✨Tip Number 3
Practice makes perfect! Do mock interviews with friends or use online platforms. The more comfortable you are, the better you'll perform when it counts.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who take that extra step!
We think you need these skills to ace GRC Analyst in London
Some tips for your application 🫡
Be Authentic: When you're writing your application, let your personality shine through! We want to get to know the real you, so don’t be afraid to share your unique experiences and perspectives.
Tailor Your Application: Make sure to customise your application for the GRC Analyst role. Highlight your technical background and how it relates to governance, risk, and compliance. Show us why you're the perfect fit!
Showcase Your Skills: Don’t just list your skills; demonstrate them! Use specific examples from your past experiences that showcase your hands-on technical abilities and how they can benefit our GRC programme.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for this exciting opportunity at Synthesia!
How to prepare for a job interview at Synthesia
✨Know Your Tech Inside Out
As a GRC Analyst, you need to bridge the gap between technical teams and compliance. Brush up on your knowledge of GitHub, CI/CD, Kubernetes, and cloud environments like AWS. Be ready to discuss how these technologies impact governance, risk, and compliance.
✨Prepare for Real-World Scenarios
Synthesia is looking for someone who can translate technical realities into clear audit narratives. Think about past experiences where you’ve had to demonstrate compliance or manage risks. Prepare specific examples that showcase your ability to make compliance low-friction and repeatable.
✨Show Your Proactive Side
The role requires someone organised and proactive. Be prepared to discuss how you've driven multiple workstreams independently in the past. Highlight your communication skills and how you’ve collaborated with both technical and business audiences to achieve goals.
✨Embrace Continuous Learning
Since the role involves evolving compliance efforts, express your eagerness to learn about ISO 22301, HITRUST, and FedRAMP. Show that you’re not just a compliance expert but someone who’s ready to grow and adapt as the company scales.