Senior GRC Analyst
Ladders · United States · 5 days ago
RemoteRemoteBusiness Development$100k–$130k/yrFull-time
Responsibilities
- Own and maintain SOC 2 Type II and ISO 27001 certifications, including audits and evidence collection
- Lead compliance efforts for additional certifications through gap assessments and policy updates
- Manage GRC platform daily, including control mapping and audit preparations
- Drive security working group initiatives for risk identification and policy updates
- Design and implement security controls aligned with chosen frameworks
- Oversee penetration testing and remediation of findings with engineering
- Engage in customer security discussions, representing compliance posture credibly
Qualifications
- 5+ years in security, compliance, or GRC with ownership of SOC 2 Type II and ISO 27001 in a cloud context
- Hands-on experience with Vanta or similar GRC platform
- Technical fluency with ability to read pen test reports and discuss risk with engineers
- Strong understanding of auditor perspectives from prior experiences
- Familiarity with PCI DSS and GDPR, and relevant certification processes
- Experience with enterprise sales support focusing on security compliance
- Excellent communication skills tailored to diverse audiences
Benefits
- Equity at an early-stage startup
- Comprehensive health insurance including medical, dental, and vision
- Guilt-Free Unlimited PTO with a strong encouragement for a minimum of 3 weeks
- Opportunities for upward mobility
- Learning and Development Stipend for professional growth
- Access to a Wealth Advisor for financial planning
- 401k retirement plan
- Family leave benefits including pregnancy and adoption support
Pay
$100,000 – $130,000 annually
Schedule
Remote - US based candidates only, no visa sponsorship available