Security Governance, Risk and Compliance Analyst
Do you want to shape the future of enterprise software?
At Aera Technology, we apply Internet scale technology to the challenges facing enterprise businesses. Think of the self-driving car: connected, always-on, thinking, and autonomous. Our mission is to enable companies in the same way.
The Governance, Risk, and Compliance Analyst is charged with assisting the organization with the identification, assessment, measurement, monitoring and management of risk. The GRC Analyst will focus primarily on the maintenance of an effective Enterprise Governance Risk and Compliance (GRC) program and facilitate the identification of risks, ensuring proper mechanisms are in place to manage the identified risks. The ideal candidate will be up to the challenge of developing security policies and standards, risk frameworks, and processes in an innovative and flexible way to support fast-paced and empowered environments. This role will work closely with Information Security leadership to implement the procedures and controls necessary to ensure and protect the safety and security of information systems, assets, and customer data.
- Perform risk assessment and risk management activities across the company
- Manage vendor relationships (from a risk and security perspective)
- Complete customer due diligence including contract reviews and security questionnaires
- Lead risk-focused culture and process change through training and interaction with key leaders
- Work closely with leaders in IT and Operations functional areas to ensure security standards, policies, and procedures are deeply embedded and understood
- Work with third party auditors and guide internal audits against regulatory frameworks (SSAE 18 SOC 2 type 2, HIPAA, GDPR, ISO 27001)
- Identify and Report Control deficiencies, raise the appropriate risks and work with stakeholders to create remediation plans
- Manage projects that relate to governance, risk, and compliance initiatives
- Be part of a team that promotes risk and security awareness and training programs
- Develop and implement a risk reporting framework for management teams and governance committees
- Willingness to learn and stay current with industry trends relating to cyber security, privacy and risk
- Bachelor’s Degree or equivalent combination of education and experience in Information Security, Computer Science, Management Information Systems or related curriculum
- 2+ years demonstrated experience in risk management, information security, privacy or a data protection or assurance-related function
- Technical and Functional experience in domain of Governance, Enterprise Risk Management and Regulatory Compliance
- Proven understanding of risk assessment methodologies, frameworks, and procedures and the ability to work flexibly with them to meet organizational size, maturity, and culture considerations
- Facilitates IT governance implementation
- Experience building network of relationships across functions and to liaise with senior management
- Ability to think strategically about security risks and tie those to tactical organizational activities
- Open to learning and working on new domains and technology
- Ability to manage all aspects of large-scale projects to bring about organizational change
- Experience with risk assessments and compliance of major regulatory initiatives (e.g. HIPAA, ISO, PCI, SOX, FEDRAMP, SSAE18, GDPR)
At Aera, we're on a mission to solve the biggest, most intractable challenges of enterprise software. We envision the rise of the Self-Driving Enterprise: a more autonomously functioning business with a central operating system that connects and orchestrates business operations. Our platform is increasingly used by the world's largest companies to identify and respond to market opportunities faster.
If you share our passion for building the next generation of enterprise software and implementing it for the most sophisticated customers in the world, you’ve met your match. Headquartered in Mountain View, California, we're growing fast, with teams in Mountain View and San Francisco (California), Bucharest and Cluj-Napoca (Romania), Paris (France), Munich (Germany), London (UK), Pune (India), and Sydney (Australia). So join us, and let’s build this!