As a GRC Controls Tester, you'll lead audits and control tests across compliance frameworks while collaborating with cross-functional teams to ensure security and operational efficiency in a cloud environment.
Coupa makes margins multiply through its community-generated AI and industry-leading total spend management platform for businesses large and small. Coupa AI is informed by trillions of dollars of direct and indirect spend data across a global network of 10M+ buyers and suppliers. We empower you with the ability to predict, prescribe, and automate smarter, more profitable business decisions to improve operating margins.
Why join Coupa?
🔹 Pioneering Technology: At Coupa, we're at the forefront of innovation, leveraging the latest technology to empower our customers with greater efficiency and visibility in their spend.
🔹 Collaborative Culture: We value collaboration and teamwork, and our culture is driven by transparency, openness, and a shared commitment to excellence.
🔹 Global Impact: Join a company where your work has a global, measurable impact on our clients, the business, and each other.
Learn more on Life at Coupa blog and hear from our employees about their experiences working at Coupa.
The Impact of a GRC Controls Tester at Coupa:
We’re seeking a GRC Controls Tester to join our growing team that manages over 30 product audits including SOC 2, PCI, and ISO 27001. This role will be a key contributor to technical control testing, with a focus on cloud-native environments (AWS, Azure), IAM, and Cloud Operations.
You will collaborate with engineering, security, DevOps, and audit teams to evaluate control effectiveness, support remediation efforts, and drive audit readiness in a fast-paced, cloud-centric environment.
What You'll Do:
- Lead the design and effectiveness testing of technical and operational controls across multiple compliance frameworks (e.g., SOC 2, PCI DSS, ISO 27001/27701/42001, SWIFT, TISAX, C5 or UK Cyber Essentials).
- Develop, execute, and maintain control testing scripts and walkthroughs to validate configurations, access controls, and cloud-native security mechanisms.
- Conduct gap assessments against regulatory and industry standards, document findings, and recommend mitigation strategies.
- Evaluate technical controls across IAM, cloud operations, CI/CD, IaC, container security, and vulnerability management to ensure compliance alignment.
- Collaborate with control owners across Engineering, IAM, IT, Cloud Operations, and Security to map, validate, and optimize control implementations.
- Automate audit evidence collection using scripts, APIs, and tools; maintain a standardized control library and audit-ready documentation for assurance activities.
What You Will Bring to Coupa:
- 5+ years of experience in technical audit, cloud security, IT risk management, or compliance.
- Hands-on expertise with cloud service providers (AWS, Azure), particularly in IAM and Cloud Operations.
- Strong understanding of PCI DSS, with direct experience supporting technical aspects of PCI audits.
- Familiarity with DevSecOps practices, CI/CD workflows, and the secure software development lifecycle (SSDLC).
- Deep knowledge of key control domains: access control & IAM, logging & monitoring, system hardening, and vulnerability management.
- Skilled at translating complex technical controls into clear audit documentation and actionable evidence, with strong cross-functional communication abilities.
#LI-REMOTE
#LI-KG1
Coupa complies with relevant laws and regulations regarding equal opportunity and offers a welcoming and inclusive work environment. Decisions related to hiring, compensation, training, or evaluating performance are made fairly, and we provide equal employment opportunities to all qualified candidates and employees.
Please be advised that inquiries or resumes from recruiters will not be accepted.
By submitting your application, you acknowledge that you have read Coupa’s Privacy Policy and understand that Coupa receives/collects your application, including your personal data, for the purposes of managing Coupa's ongoing recruitment and placement activities, including for employment purposes in the event of a successful application and for notification of future job opportunities if you did not succeed the first time. You will find more details about how your application is processed, the purposes of processing, and how long we retain your application in our Privacy Policy.
Top Skills
AWS
Azure
Ci/Cd
Devsecops
Iam
Iso 27001
Pci Dss
Similar Jobs at Coupa
Artificial Intelligence • Fintech • Information Technology • Logistics • Payments • Business Intelligence • Generative AI
The Sales Operations Analyst conducts customer success performance analysis, develops dashboards, manages Salesforce, and collaborates on process improvements.
Top Skills:
Google SheetsExcelSalesforce
Artificial Intelligence • Fintech • Information Technology • Logistics • Payments • Business Intelligence • Generative AI
The Sales Operations Analyst will analyze sales performance, manage Salesforce data, maintain reports and dashboards, and collaborate on operational improvements to enhance customer success metrics.
Top Skills:
Google SheetsExcelSalesforce
Artificial Intelligence • Fintech • Information Technology • Logistics • Payments • Business Intelligence • Generative AI
The Sr. DevOps Engineer will design and maintain the observability strategy, implement monitoring solutions, and support collaboration across teams for performance optimization.
Top Skills:
AnsibleAWSAzureChefData DogDynatraceElasticsearchGoGrafanaInfluxJavaKibanaLogstashNew RelicOpen TelemetryPrometheusPythonRubyStatsdTelegraf
What you need to know about the Los Angeles Tech Scene
Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering
