About Clay

Our mission is to help organizations turn any growth idea into reality.

We see growth as a creative practice not a formula. Finding and reaching your best-fit customers takes unique ideas and constant iteration. As AI makes execution faster and tactics easier to copy creativity is the only lasting advantage. Were already helping thousands of customers including Anthropic Notion Google and Ramp go to market with unique data signals and AI research.

In 2025 we raised a $100M Series C backed by world-class investors including Sequoia CapitalG and First Round and crossed $100M in revenue.

In 2026 we announced our second employee tender offer in 9 months at a new $5B valuation. We also launched a community equity round for our customers agency partners and club members.

Some things to know about us:

• Our community includes 11000 customers 150 integration partners 125 agencies 50 Clay clubs and 30k members on Slack.

• Our culture is unique inside and outside of work. Our team members are also DJs activists writers clowns marathoners skydivers psychedelic therapists social workers and more.

• All employees can work for free with world-class coaches who specialize in creativity management and more.

• Our operating principles including negative maintenance and non-attached action guide our work. Read more about them here.

• Read about us in the NYT Forbes First Round Review and more.

Hear from our employees directly on our Glassdoor page!

Job Summary

We are seeking a detail-oriented GRC (Governance Risk and Compliance) Analyst with a strong emphasis on privacy to join our this role you will play a critical part in maintaining our compliance posture by handling regulatory data subject requests understanding and applying relevant privacy frameworks assisting with customer security inquiries and managing remediation efforts through our compliance platform. The ideal candidate is proactive knowledgeable in privacy regulations and capable of collaborating with cross-functional teams to uphold data security and compliance standards.

Key Responsibilities

• Data Subject Request Management: Execute and optimize processes for handling data subject requests including data deletion opt-out from data sharing and access inquiries ensuring timely and accurate responses in line with legal requirements

• Privacy and Compliance Expertise: Stay current with and interpret various privacy and compliance frameworks (e.g. GDPR CCPA/CPRA and applicable state laws) to guide company practices and ensure ongoing adherence

• Customer Security Support: Assist in responding to security and privacy questionnaires from prospective and existing customers with a particular focus on privacy data protection and compliance-related questions

• Compliance Maintenance and Remediation: Monitor and maintain compliance using our platform (Vanta) including uploading evidence of controls refreshing policies as needed and escalating technical issues to engineering teams for remediation when flagged

• Third-Party Risk Management: Work with our partners and vendors to identify and monitor third-party risk and guide them to improve over time

• Risk Assessment and Reporting: Conduct regular reviews of privacy risks contribute to internal audits and prepare reports on compliance status for leadership

• Cross-Functional Collaboration: Work closely with legal engineering and customer success teams to integrate privacy-by-design principles and resolve compliance gaps efficiently

Qualifications

• Bachelors degree in Information Security Law Business or a related field; relevant certifications (e.g. CIPP CIPM or CISSP) are highly preferred

• 2 years of experience in GRC privacy or compliance roles ideally in a SaaS or tech environment handling sensitive personal data

• 2 years of experience in managing high-volume data subject access requests (DSARs) and opt-out processes under GDPR CCPA and similar regulations

• Familiarity with compliance tools like Vanta or similar platforms for evidence management and policy updates

• Experience responding to customer security questionnaires and vendor risk assessments

Required Skills

• Strong understanding of global privacy laws and frameworks with the ability to apply them practically

• Excellent analytical and problem-solving skills with attention to detail in documenting processes and evidence

• Proficiency in escalating technical compliance issues and collaborating with engineering teams

• Effective communication skills for interacting with customers stakeholders and internal teams

• Ability to work independently in a fast-paced environment while prioritizing compliance tasks

Preferred Skills

• Knowledge of additional compliance standards (e.g. ISO 27001 SOC 2)

• Experience with data mapping privacy impact assessments (PIAs) or incident response in a privacy context

• Technical aptitude for understanding SaaS infrastructure and data flows

Required Experience:

IC