Senior Governance, Risk & Compliance Analyst
Who We Are
Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attack. Our combination of market-defining technology, processes, and expertise are preventing breaches every day. We are completely changing the way security is delivered and setting the new standard for security. If our mission resonates with you, let’s talk!
What We Believe In
- Do what’s right for the customer
- Be kind and authentic
- Deliver great quality
- Be relentless
Challenges You Will Solve
At Red Canary, the protection of our customers and their data is of the utmost importance. Red Canary’s Governance, Risk & Compliance (GRC) team ensures that our people, platforms, and data remain secure from all forms of harm. As a Senior GRC Specialist, you will help ensure that our controls, policies, and procedures are designed and executed to deliver the best possible outcomes for Red Canary and our customers. The Governance, Risk and Compliance Specialist is responsible for day to day activities across the entire scope of Red Canary’s GRC programs.
What You'll Do
- Contribute to all internal governance, risk and compliance activities.
- Work with business unit leaders to improve guardrails, making compliance transparent, simple, and easy.
- Ensure that policies and controls are effective, while aligning them to company culture and all applicable compliance requirements.
- Contribute to the success of annual SOC 2 Type II and ISO 27001 audit activities.
- Respond to customer, partner or vendor questionnaires in support of the sales team and contractual obligations.
- Deliver security awareness training that is both relevant and instructive.
- Automate the collection and presentation of auditing data for internal and external consumption.
What You'll Bring
- Expertly identifies, articulates, and designs mitigating strategies around risks.
- Can seamlessly context-shift between various compliance and regulatory frameworks, with solid experience with SOC 2 and ISO 27001, specifically.
- Speaks the language of auditors, but can articulate modern technological paradigms (i.e., infrastructure-as-code, CI/CD, etc.).
- Has outstanding written and verbal communication skills.
- Understands the balance between policy and culture; someone who can ensure safety without impeding the creative whirlwind.
- Understands the unique risks presented by cloud-native architecture, and compliance and audit strategies for environments heavily reliant on SaaS
- Has experience, or interest, in applying automation to the collection and presentation of compliance data.
Targeted base salary range: $120,000 - $145,000 + bonus eligibility and equity depending on experience
Why Red Canary?
Red Canary is where people embody our mission to improve security outcomes for all. People work hard to maintain a culture that encourages authenticity in order to do your best work. Our people are driven and committed to finding the best security outcomes, delivering real and actionable answers, and being transparent along the way.
At Red Canary, we offer a very rich benefits program to our full-time team members so they can focus on their families and improving our customers’ security. For a full list of benefits, please review our Benefits Summary:
https://redcanary.com/wp-content/uploads/2021/01/Benefit-Summary-Red-Canary.pdf
Individuals seeking employment at Red Canary are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.