- Note: This position requires presence in New York City.
The Senior Security GRC Analyst is key to driving our Governance, Risk, and Compliance (GRC) initiatives, making sure they match up with our company’s overall security and compliance strategies and goals. This role focuses on improving security measures and leading audits for different certification programs. Reporting to the Head of Compliance, Elaine Tan, the Senior Analyst is responsible for developing our security frameworks and embedding effective compliance practices throughout our organization.
The ideal candidate will be an excellent communicator, capable of simplifying complex compliance issues for audiences with varying levels of technical and business knowledge. Creativity, innovation, and strategic thinking are essential, as this role involves helping our business and technical teams develop practical, lasting compliance solutions. The ability to build influence and drive new initiatives across different departments is crucial, as is staying calm and collected under pressure. This role involves working with various levels of the business, requiring flexibility in communication and a solid understanding of our operations.
Here, you’ll see the real impact of your work and help shape the future of compliance and governance in a dynamic, fast-moving industry.
What You’ll Do
- Proactively identify gaps or conflicts in existing processes and work to assess solutions with internal business partners for ISO 27001:2022
- Drive compliance efforts at a company pre- and post-IPO
- Assist with and drive remediation of control deficiencies and gaps identified internally and externally
- Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.)
- Be responsible for the Policies Management Program, including keeping policies updated
- Lead the Compliance Automation program, including implementation and maintenance
- Build and lead the Customer Trust program implementation and be responsible for customer assessments and security questionnaires
- Partner with cross-functional teams, including collaborating with and providing direction for our Sales team
You
- Have 4-6 years’ experience in managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks
- Have 1-3 years’ experience in ISO 27001:2022 ISMS. This is required
- Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives
Nice to Have
- Experience in the machine learning or computer hardware industry
- Familiarity with Whistic
Salary Range Information
Based on market data and other factors, the salary range for this position is $150,000-$185,000. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description.