GRAIL is a healthcare company whose mission is to detect cancer early, when it can be cured. GRAIL is focused on alleviating the global burden of cancer by developing pioneering technology to detect and identify multiple deadly cancer types early. The company is using the power of next-generation sequencing, population-scale clinical studies, and state-of-the-art computer science and data science to enhance the scientific understanding of cancer biology, and to develop its multi-cancer early detection blood test. GRAIL is headquartered in Menlo Park, CA with locations in Washington, D.C., North Carolina, and the United Kingdom. GRAIL, LLC is a wholly-owned subsidiary of Illumina, Inc. (NASDAQ:ILMN). For more information, please visit www.grail.com.
As a Compliance Manager on the GRAIL Security team, you’ll focus on ensuring that the broad array of software systems and projects at GRAIL follow a usable, automated approach to meeting a high bar against standardized security compliance frameworks. Your work will be a key component in helping GRAIL build effective, efficient, easy-to-use, scalable, and compliant systems in order to create an effective product to detect cancer.
Responsibilities:
- Support developing compliance programs that map to standard frameworks (including ISO 27001, SOC2, HITRUST, PCI, HIPAA, etc.)
- Support ongoing certification assessments
- Maintain documentation, processes, and continuous monitoring of GRAIL’s implementation of various control frameworks (e.g. NIST CSF, CIS CSC20, NIST SP 800-53).
- Participate in selecting, planning, and implementing control programs with a focus on automating compliance functions.
Minimum qualifications:
- Experience with compliance and risk management frameworks, such as SOC2, SOX, ISO/IEC 27001, HITRUST, PCI, HIPAA, GDPR.
- Knowledge of Cloud Data Security on Public Cloud Infrastructure (AWS, GCP, etc).
- MS or BS degree in Computer Science, Information Systems, or equivalent experience.
- Proactive, energetic, self-assured professional with high personal integrity and ability to develop good interpersonal relationships.
Preferred qualifications:
- CISA, CISM, GIAC, CISSP, AWS certifications, or other Information Security-related designation.
- Understanding of AWS security tools and DevSecOps technical stack.
- Excellent verbal and written communication skills.
GRAIL is an Equal Employment Office and Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status. We will reasonably accommodate all individuals with disabilities so that they can participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Following extensive monitoring, research, consideration of business implications, and advice from internal and external experts, GRAIL has made the decision to require all U.S. employees receive the COVID-19 vaccines as a condition of employment. “Full vaccination” is defined as two weeks after both doses of a two-dose vaccine or two weeks since a single-dose vaccine has been administered. Anyone unable to be vaccinated, either because of a sincerely held religious belief or a medical condition or disability that prevents them from being vaccinated, can request a reasonable accommodation.