Senior Technology GRC Analyst

Our security team defends the products, data and systems that power Chainalysis
We are committed to building a diverse team of builders, breakers and shapers to address complex security problems in a novel, exciting space

A Senior GRC Analyst is proficient at taking in the inner workings of Chainalysis and harmonizing them with complex risk, governance, and compliance policies
They do this to both create a more secure and compliant environment for our teams and to build trusting relationships with our customers
As a security advocate, you are never satisfied with the status quo and are constantly hunting for threats to an organization
Please note, this is a Hybrid role with one day a week in office

In one year you’ll know you were successful if…

  • You have led the efforts to help operationalize various GRC capability areas such as enterprise security risk management, compliance management, and policy management
  • Partner with a growing sales team by contributing to the development of customer-facing materials covering topics related to security, privacy, and compliance features of our products and services
  • You have helped complete CMMC attestation Lvl 1 Implemented a Technological Based Risk Register
  • Assisted with internal and external audit and risk assessments (eg
    SOC2, GDPR, ISO27001)
  • Lead or assisted with the remediation of risk assessment findings 

A background like this helps: 

  • Previously held relevant security or related role(s)
  • Experience with Software-as-a-Service or cloud service providers industry challenges
  • Foundational knowledge of IT Audit/compliance process and activities
  • Foundational knowledge of technical risk analysis and methodologies
  • Experience working in a regulated environment enforcing policies and procedures
  • Possesses the ability to drive projects to conclusion, while collaborating with a diverse
  • group of professionals from both technical and non-technical background
  • Able to collect, synthesize, and analyze data from multiple outputs, including computerlog sources to draw valid conclusions
  • Strong interpersonal skills and ability to work effectively with diverse and distributed teams
  • SOC2, ISO27001, PCI, HITRUST, FEDRAMP and GDPR experience are all big pluses
  • Verbal communication and presentation skills
  •  Self-motivated with good time management skills

The base salary range for this role is $133,700 to $167,100  on a national basis and may be higher or lower depending on the location of the role
Base salary is just one part of our total rewards package which additionally includes equity, performance bonus or commissions for eligible roles, and competitive benefits
Individual pay decisions are based on a number of factors, including qualifications for the role, relevant work experience, skillset, internal equity, and other factors, consistent with applicable law


Listed in: , , , , , , , ,