Security Governance, Risk and Compliance Analyst

2 Months ago • 5 Years +

Job Summary

Job Description

As the Senior GRC Analyst at Aera, you will be responsible for the Governance and Compliance program, ensuring alignment with security needs of customers. You will collaborate with IT, HR, SRE, Engineering, and the security team, reporting to the CSO and executive staff. Responsibilities include reviewing the security program, ensuring compliance with SOC 2 and ISO 27001, completing customer due diligence, reviewing HR compliance, assisting with Privacy compliance (GDPR), ensuring change management compliance, working with third-party auditors, reviewing infrastructure reports, identifying control deficiencies, managing GRC projects, promoting risk and security awareness, and developing a risk reporting framework. This role requires staying current with industry trends in cybersecurity, privacy, and risk.
Must have:
  • 5+ years experience in risk management, information security, or privacy.
  • Experience in Governance, Enterprise Risk Management and Regulatory Compliance
  • Understanding of risk assessment methodologies, frameworks, and procedures.
  • Facilitates IT governance implementation
  • Experience building network of relationships across functions and to liaise with senior management
  • Ability to think strategically about security risks and tie those to tactical organizational activities
  • Open to learning and working on new domains and technology
  • Experience with risk assessments and compliance of major regulatory initiatives (e.g. HIPAA, ISO, PCI, SOX, FEDRAMP, SSAE18, GDPR)
Perks:
  • Stock Options: We believe every Aera team member should have a stake in our future success
  • Medical: A medical subscription to one of the main private healthcare clinic networks (Regina Maria)
  • Employee Referral Program: Earn cash when your referrals get hired!
  • Paid Time Off: Benefit from the beginning of 25 annual leave days;
  • Snacks: When you’re working from the office, you’ll have access to our fully stocked kitchen with a selection of snacks and beverages
  • Events and Extras: We work hard and get things done, but we also value the importance of having fun: office outings; birthday celebrations; holiday parties; weekly in-office lunches, and more
  • Work Schedule: We’re open to a hybrid work model, and can offer a flexible daily schedule depending on your role

Job Details

Aera Technology is a pioneer in the growing category of Decision Intelligence – the technology to digitize, augment, and automate decision-making processes with AI and machine learning. Through our AI decision automation platform, Aera Decision Cloud™, we are helping the best-known brands in the world make smarter, faster decisions.

Privately-held and VC-funded, we have a global team of over 400 Aeranauts – and we’re growing. We deliver Decision Intelligence innovation and services that enable enterprises to automate and scale decision making with accuracy and speed. We continue to be the trusted choice of market leaders for our proven ability to generate value and unlock opportunities that were previously unattainable. 

As the Senior GRC Analyst at Aera you will be responsible for our Governance and Compliance program. We are a fast-paced Global company with a changing infrastructure as well as global customers who require top standards of security. Our security program at Aera is an established and certified program that keeps our business needs aligned with the security needs of our customers. You will be working closely with IT, HR, SRE, Engineering, and other members of the security team. Your reports and recommendations will be used by the CSO and executive staff to make critical decisions about the security of our business and our customers.

Responsibilities

    • Review the overall health and performance of the Security program and governance at Aera including reporting on risk assessment across the company.
    • Ensure compliance with SOC 2 and ISO 27001 standards are met and new changes and standards are incorporated into the governance policies and procedures at Aera.
    • Complete customer due diligence including contract reviews and security questionnaires
    • Review HR compliance standards including training, onboarding and offboarding procedures are complete and accurate.
    • Assist with Privacy compliance requirements like the GDPR and ensure our security controls meet the various privacy requirements.
    • Work closely with leaders in IT and Operations functional areas to ensure change management processes meet compliance requirements.
    • Work with third party auditors and guide internal audits against regulatory frameworks (SSAE 18 SOC 2 type 2, HIPAA, GDPR, ISO 27001)
    • Review infrastructure reports from both IT and cloud assets meet our standards.
    • Identify and Report Control deficiencies, raise the appropriate risks and work with stakeholders to create remediation plans
    • Manage projects that relate to governance, risk, and compliance initiatives
    • Be part of a team that promotes risk and security awareness and training programs
    • Develop and implement a risk reporting framework for management teams and governance committees
    • Willingness to learn and stay current with industry trends relating to cyber security, privacy and risk 

About You

    • Bachelor’s Degree or equivalent combination of education and experience in Information Security, Computer Science, Management Information Systems or related curriculum
    • 5+ years demonstrated experience in risk management, information security, privacy or a data protection or assurance-related function
    • Technical and Functional experience in domain of Governance, Enterprise Risk Management and Regulatory Compliance
    • Proven understanding of risk assessment methodologies, frameworks, and procedures and the ability to work flexibly with them to meet organizational size, maturity, and culture considerations
    • Facilitates IT governance implementation
    • Experience building network of relationships across functions and to liaise with senior management
    • Ability to think strategically about security risks and tie those to tactical organizational activities
    • Open to learning and working on new domains and technology
    • Ability to manage all aspects of large-scale projects to bring about organizational change
    • Experience with risk assessments and compliance of major regulatory initiatives (e.g. HIPAA, ISO, PCI, SOX, FEDRAMP, SSAE18, GDPR)

Perks and Benefits

    • Stock Options:  We believe every Aera team member should have a stake in our future success
    • Medical:  A medical subscription to one of the main private healthcare clinic networks (Regina Maria) 
    • Employee Referral Program:  Earn cash when your referrals get hired!
    • Paid Time Off: Benefit from the beginning of 25 annual leave days;
    • Snacks: When you’re working from the office, you’ll have access to our fully stocked kitchen with a selection of snacks and beverages
    • Events and Extras:  We work hard and get things done, but we also value the importance of having fun: office outings; birthday celebrations; holiday parties; weekly in-office lunches, and more
    • Work Schedule:  We’re open to a hybrid work model, and can offer a flexible daily schedule depending on your role
    • Note: We’re continuously re-evaluating these to offer the best for our Aeranauts, so these are subject to change for the better
If you share our passion for building a sustainable, intelligent, and efficient world, you’re in the right place. Established in 2017 and headquartered in Mountain View, California, we're a series D start-up, with teams in Mountain View, San Francisco (California), Bucharest and Cluj-Napoca (Romania), Paris (France), Munich (Germany), London (UK), Pune (India), and Sydney (Australia).  So join us, and let’s build this!

Aera Technology is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Pursuant to the San Francisco Fair Chance Ordinance, Aera Technology will consider for employment qualified applicants with arrest and conviction records. 
 
Aera Technology respects the privacy of your data.  Please take the time to read our European GDPR privacy candidate notice available here

Similar Jobs

Light Speed Studios - Senior Gameplay Engineer

Light Speed Studios

Los Angeles, California, United States (On-Site)
2 Months ago
PwC - Senior Consultant

PwC

Bengaluru, Karnataka, India (On-Site)
7 Months ago
GameJobs - Senior Data Scientist (Full Stack)

GameJobs

Austin, Texas, United States (On-Site)
1 Year ago
Google - Account Strategist, Google Customer Solutions

Google

Seoul, South Korea (On-Site)
1 Week ago
Cognite - Performance Engineer

Cognite

Bengaluru, Karnataka, India (Hybrid)
3 Weeks ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

The Walt Disney Company - Senior Product Designer

The Walt Disney Company

Santa Monica, California, United States (On-Site)
2 Weeks ago
Take-Two Interactive - Senior Software Engineer

Take-Two Interactive

San Francisco, California, United States (Hybrid)
1 Day ago
Rocksteady Studios - Game Director

Rocksteady Studios

London, England, United Kingdom (Hybrid)
2 Months ago
NVIDIA - Senior System Software Engineer - Autonomous Driving

NVIDIA

Beijing, Beijing, China (On-Site)
2 Months ago
ByteDance - Senior Software Engineer - Generative AI

ByteDance

San Jose, California, United States (On-Site)
3 Months ago
The Walt Disney Company - Senior QA Analyst

The Walt Disney Company

Glendale, California, United States (On-Site)
3 Months ago
Microsoft - Senior Data Scientist

Microsoft

(On-Site)
2 Weeks ago
version 1 - Business Development Director

version 1

London, England, United Kingdom (On-Site)
2 Months ago
Canonical - Junior Software Developer - Observability

Canonical

(Remote)
10 Hours ago
Blinkhealth - Call Center Representative

Blinkhealth

Pittsburgh, Pennsylvania, United States (On-Site)
1 Day ago

Get notifed when new similar jobs are uploaded

Jobs in Bucharest, Bucharest, Romania

Maximum Games - Senior Video Game Backend Developer

Maximum Games

Bucharest, Bucharest, Romania (On-Site)
4 Weeks ago
Every matrix - Middle Java Developer

Every matrix

Bucharest, Bucharest, Romania (Hybrid)
1 Month ago
PwC - SAP Extended Warehouse Management

PwC

Bucharest, Bucharest, Romania (On-Site)
5 Months ago
ASSIST Software - Linux Developer

ASSIST Software

Suceava, Suceava County, Romania (On-Site)
3 Months ago
Google - Software Engineer III, Android Enterprise Services

Google

Bucharest, Bucharest, Romania (On-Site)
2 Days ago
YouGov - Marketing Analytics Graduate

YouGov

Bucharest, Bucharest, Romania (Hybrid)
10 Hours ago
Coda - Senior/Staff Front End Engineer

Coda

Bucharest, Bucharest, Romania (Hybrid)
1 Year ago
PwC - Developing Senior Auditor - Financial Services

PwC

Bucharest, Bucharest, Romania (Hybrid)
1 Month ago
Ness Digital - Big Data Engineer

Ness Digital

Timișoara, Timiș, Romania (Remote)
1 Month ago
Logifuture - C# Tech Lead

Logifuture

Bucharest, Bucharest, Romania (Hybrid)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Pune, Maharashtra, India (Hybrid)

Boston, Massachusetts, United States (Hybrid)

Pune, Maharashtra, India (Hybrid)

Bucharest, Bucharest, Romania (Hybrid)

Pune, Maharashtra, India (Hybrid)

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (On-Site)

View All Jobs

Get notified when new jobs are added by AeraTechnology

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug