Senior Compliance Analyst

Posted Yesterday
Be an Early Applicant
Hiring Remotely in India
Remote or Hybrid
Senior level
Artificial Intelligence • Fintech • Machine Learning • Natural Language Processing • Business Intelligence
AlphaSense empower professionals to make smarter business decisions with confidence and speed.
The Role
Own end-to-end evidence collection, auditor engagement, control testing, and policy governance for SOC 2, ISO 27001, and ISO 42001. Build AI-augmented, automated compliance workflows, support AI governance and emerging regulation, and partner cross-functionally to keep controls audit-ready and remediations tracked to closure.
Summary Generated by Built In
About AlphaSense: 

The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients’ own research content.

The acquisition of Tegus by AlphaSense in 2024 advances our shared mission to empower professionals to make smarter decisions through AI-driven market intelligence. Together, AlphaSense and Tegus will accelerate growth, innovation, and content expansion, with complementary product and content capabilities that enable users to unearth even more comprehensive insights from thousands of content sets. Our platform is trusted by over 6,000 enterprise customers, including a majority of the S&P 500. Founded in 2011, AlphaSense is headquartered in New York City with more than 2,000 employees across the globe and offices in the U.S., U.K., Finland, India, Singapore, Canada, and Ireland. Come join us!

About the Role

AlphaSense is maturing its GRC function and needs a Senior Compliance Analyst to be the operational engine of our compliance program. You will own end-to-end evidence collection and auditor engagement across our ISO 27001, SOC 2, and ISO 42001 certifications—serving as the primary operational liaison between AlphaSense and external assessors throughout Stage 1, Stage 2, and surveillance cycles. You will partner with control owners across Engineering, IT, and Legal to ensure we are continuously audit-ready, not just audit-reactive. You bring an AI-native mindset: you use AI tools to accelerate evidence gathering, draft control narratives, identify documentation gaps, and replace manual toil with intelligent workflows—while applying rigorous judgment to validate every output you ship.But this role is more than executing a compliance program—it is an opportunity to help define what modern compliance looks like. AlphaSense is building a GRC function that we believe can set the standard for how AI-native, high-growth companies approach compliance: not as a checkbox exercise, but as a continuous, automated, and strategically integrated discipline. The practices we build here will influence how compliance is done industry-wide. We are looking for someone who is energized by that challenge—who wants to be part of building something that others will look to as the model.

Key ResponsibilitiesEvidence Collection & Management

Own the full evidence collection lifecycle across all active audit and continuous compliance cycles. Coordinate with control owners to gather, validate, and organize evidence artifacts in the GRC platform (Drata or equivalent). Use AI-assisted workflows to pre-stage evidence, flag stale artifacts, and reduce the manual burden on engineering and IT teams—making it easier for control owners to do this right than to skip it.

Auditor Engagement

Serve as the primary operational point of contact for external auditors during Stage 1, Stage 2, and surveillance audits. Manage auditor portals, respond to RFIs, track open items to closure, and ensure auditors leave each engagement with a complete, accurate view of how AlphaSense's controls operate in practice. Findings get closed before they become repeat findings.

Control Testing & Monitoring

Perform ongoing monitoring and periodic testing of implemented controls. Document control effectiveness, identify gaps, and work with control owners to remediate deficiencies on defined timelines. Map findings to applicable framework requirements across SOC 2, ISO 27001, and ISO 42001. Contribute to transitioning point-in-time control testing toward continuous, automated validation.

Policy & Documentation Governance

Maintain and update security policies, standards, and procedures to keep them aligned with current operational reality and framework requirements. Ensure documentation is version-controlled, accessible, and demonstrably distributed and attested to—satisfying auditor requirements without relying on static PDFs or manual tracking.

AI-Augmented Compliance Workflows

Identify and implement opportunities to use AI tools to streamline evidence gathering, control narrative drafting, audit preparation, and gap analysis. Operate in a human-in-the-loop model: AI accelerates the work, you validate for accuracy, completeness, and confidentiality before anything ships. Actively share what works with the broader GRC team.

AI Governance & Emerging Regulation

Support compliance efforts related to AI regulations and standards including EU AI Act, ISO 42001, and NIST AI RMF. Assist with risk assessments, documentation, and audit evidence for AI governance controls. Collaborate with Engineering and Product to ensure secure and responsible use of generative AI tools across the organization.

Cross-Functional Coordination & Advisory

Partner with Engineering, IT, Legal, and Product to ensure control ownership is clear, evidence is readily available, and compliance requirements are embedded into operational processes—not bolted on at audit time. Provide risk and control guidance on post-implementation reviews and remediation activities. Help stakeholders interpret requirements and build controls into how they actually work.

What Success Looks Like
  • Security and compliance controls are clearly documented, tested, and consistently implemented—with evidence generated by integrations, not collected by hand
  • Risks and compliance gaps are identified early, tracked with owners, and remediated in partnership with technical teams before auditors find them
  • GRC processes scale alongside platform growth and new customer or regulatory requirements without proportional headcount growth
  • Stakeholders across Engineering, Legal, and Product view the GRC function as a trusted, enabling partner—not a compliance checkpoint
  • AI tools are used deliberately and responsibly: output is validated, sensitive data is protected, and automation creates leverage without introducing new risk
  • Audit cycles are managed proactively—evidence is pre-staged, walkthroughs run smoothly, and there are no surprises for auditors or for us
  • Policy documentation is current, version-controlled, and demonstrably distributed—not a last-minute scramble before an audit
Who You AreBasic Requirements
  • 6+ years of experience in GRC, information security, risk management, or IT audit, preferably in a SaaS or cloud-native environment
  • Strong understanding of security and compliance frameworks including SOC 2, ISO 27001, NIST CSF 2.0, and CIS Controls; working knowledge of ISO 42001 and NIST AI RMF
  • AI-native mindset: you use AI tools—LLMs, agents, automation—for real, substantive work including analysis, drafting, evidence gathering, and workflow automation. You apply judgment about where AI creates leverage and where a human must stay in the loop
  • Proficiency with GRC platforms for evidence management and control testing (Drata, Vanta, AuditBoard, ServiceNow GRC, or equivalent)
  • Familiarity with cloud environments (AWS, Azure, or GCP) and the security and compliance posture tooling that runs on them (CSPM, SIEM, identity platforms)
  • Experience supporting external audits across security or privacy domains, including evidence collection, control walkthroughs, and auditor interaction
  • Ability to interpret technical controls and translate findings into compliance, risk, and policy documentation that engineers and non-technical stakeholders both understand
  • Working knowledge of risk registers, control libraries, and policy governance lifecycles
  • Working knowledge of privacy and data protection requirements (GDPR, CCPA/CPRA) and how they intersect with security controls, in partnership with Legal and Product teams
  • Strong written communication, analytical thinking, and attention to detail; able to produce clear audit responses, risk narratives, and control documentation under deadline
  • Hands-on experience managing end-to-end audit evidence collection across ISO 27001, SOC 2 Type II, or equivalent frameworks in a SaaS or cloud environment
  • Direct operational experience working with external auditors as the primary compliance or audit liaison—walkthroughs, RFI responses, finding management
  • Automation-first mentality with demonstrated experience working in an organization that has implemented automated evidence collection—you default to building workflows over doing things manually, and you actively improve the automation rather than working around it
  • Demonstrated use of AI tools (LLMs, AI-assisted GRC workflows) to accelerate compliance work: drafting, research, evidence review, or gap analysis—with a clear practice of validating AI output before it ships
  • Experience maintaining policy governance lifecycles from drafting through distribution, attestation, and version control
  • Strong organizational skills and ability to manage multiple concurrent audit workstreams without losing detail
Nice to Have
  • Relevant certifications: CISA, CRISC, CISM, CISSP, CCSK, or ISO 27001 Lead Auditor/Implementer
  • Experience with AI governance frameworks including ISO 42001, NIST AI RMF, EU AI Act, or OECD AI Principles
  • Exposure to SOX ITGC cycles—managing evidence, walkthroughs, and findings with external auditors
  • Privacy program crossover: data mapping, DPIAs, GDPR/CCPA operational compliance
  • Scripting or automation experience (Python, JavaScript, or low-code tools) applied to GRC or compliance workflows
  • Experience with ISO 42001 AI management system audits or EU AI Act compliance documentation
  • Familiarity with policy-as-code and compliance-as-code approaches: controls expressed as enforceable automated checks, policies in version control, and requirements validated programmatically rather than through manual review
  • Programming or scripting skills (Python, JavaScript, or low-code tools such as n8n, Tines, or Zapier) applied to compliance workflows, evidence automation, or GRC platform integrations
  • Experience building or operating a security awareness and phishing simulation program
  • Background in privacy compliance operations (GDPR, CCPA data mapping, DPIAs) in partnership with Legal

AlphaSense is an equal-opportunity employer. We are committed to a work environment that supports, inspires, and respects all individuals. All employees share in the responsibility for fulfilling AlphaSense’s commitment to equal employment opportunity. AlphaSense does not discriminate against any employee or applicant on the basis of race, color, sex (including pregnancy), national origin, age, religion, marital status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any other non-merit factor. This policy applies to every aspect of employment at AlphaSense, including recruitment, hiring, training, advancement, and termination.

In addition, it is the policy of AlphaSense to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations, and ordinances where a particular employee works.

Recruiting Scams and Fraud

We at AlphaSense have been made aware of fraudulent job postings and individuals impersonating AlphaSense recruiters. These scams may involve fake job offers, requests for sensitive personal information, or demands for payment. Please note:

  • AlphaSense never asks candidates to pay for job applications, equipment, or training.
  • All official communications will come from an @alpha-sense.com email address.
  • If you’re unsure about a job posting or recruiter, verify it on our Careers page.

If you believe you’ve been targeted by a scam or have any doubts regarding the authenticity of any job listing purportedly from or on behalf of AlphaSense please contact us. Your security and trust matter to us.

Skills Required

  • 6+ years of experience in GRC, information security, risk management, or IT audit in SaaS or cloud-native environments
  • Strong understanding of SOC 2, ISO 27001, NIST CSF 2.0, and CIS Controls; working knowledge of ISO 42001 and NIST AI RMF
  • AI-native mindset with demonstrated use of LLMs, agents, or automation to accelerate compliance work
  • Proficiency with GRC platforms for evidence management and control testing (Drata, Vanta, AuditBoard, ServiceNow GRC, or equivalent)
  • Familiarity with cloud environments (AWS, Azure, or GCP) and related tooling (CSPM, SIEM, identity platforms)
  • Experience supporting external audits including evidence collection, control walkthroughs, RFI responses, and auditor engagement
  • Ability to interpret technical controls and translate findings into compliance, risk, and policy documentation for technical and non-technical stakeholders
  • Working knowledge of risk registers, control libraries, and policy governance lifecycles
  • Working knowledge of privacy and data protection requirements (GDPR, CCPA/CPRA) and intersections with security controls
  • Strong written communication, analytical thinking, attention to detail, and ability to produce clear audit responses and control documentation under deadline
  • Hands-on experience managing end-to-end audit evidence collection across ISO 27001, SOC 2 Type II, or equivalent frameworks
  • Direct operational experience as primary compliance or audit liaison working with external auditors (walkthroughs, RFIs, finding management)
  • Automation-first mentality with experience implementing automated evidence collection and building workflows
  • Experience maintaining policy governance from drafting through distribution, attestation, and version control
  • Strong organizational skills and ability to manage multiple concurrent audit workstreams
  • Relevant certifications (CISA, CRISC, CISM, CISSP, CCSK, or ISO 27001 Lead Auditor) or equivalent experience
  • Scripting or automation experience (Python, JavaScript, or low-code tools such as n8n, Tines, Zapier) applied to compliance workflows
  • Experience with AI governance frameworks (ISO 42001, NIST AI RMF, EU AI Act) and supporting AI audits

AlphaSense Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about AlphaSense and has not been reviewed or approved by AlphaSense.

  • Inclusive Benefits Coverage Healthcare offerings include gender-affirming care and unlimited fertility coverage in addition to comprehensive medical options. Mental-health resources and an assistance program are also emphasized.
  • Leave & Time Off Breadth PTO is presented as generous or unlimited in the U.S., with volunteer days and notable parental leave for primary caregivers. These policies indicate flexible time-away support.
  • Strong & Reliable Incentives On-target earnings for several sales functions are positioned as competitive, offering meaningful upside when targets are met.

AlphaSense Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: New York, NY
2,000 Employees
Year Founded: 2011

What We Do

AlphaSense is the AI platform redefining market intelligence and workflow orchestration, trusted by thousands of leading organizations to drive faster, more confident decisions in business and finance. The platform combines domain specific AI with a vast content universe of over 500 million premium business documents — including equity research, earnings calls, expert interviews, filings, news, and internal proprietary content. Purpose-built for speed, accuracy, and enterprise-grade security, AlphaSense helps teams extract critical insights, uncover market-moving trends, and automate complex workflows with high quality outputs. With AI solutions like Generative Search, Generative Grid, and Deep Research, AlphaSense delivers the clarity and depth professionals need to navigate complexity and obtain accurate, real-time information quickly. Headquartered in New York City, AlphaSense employs over 2,000 people across offices in the U.S., U.K., Finland, India, Canada, and Ireland. For more information, please visit www.alpha-sense.com.

Why Work With Us

AlphaSense is shaping how companies make decisions. We're product-driven and customer obsessed in our mission to take decision makers from complexity to clarity. Our culture balances ambition with humility, autonomy with teamwork. With mentorship and real ownership, you’ll have everything you need to keep evolving, personally and professionally.

Gallery

Gallery

Similar Jobs

Capco Logo Capco

Project Manager

Fintech • Professional Services • Consulting • Energy • Financial Services • Cybersecurity • Generative AI
Remote or Hybrid
India
6000 Employees

Magna International Logo Magna International

Senior Engineer

Automotive • Hardware • Robotics • Software • Transportation • Manufacturing
Remote or Hybrid
Maharashtra, IND
171000 Employees

Mondelēz International Logo Mondelēz International

Controller

Big Data • Food • Hardware • Machine Learning • Retail • Automation • Manufacturing
Remote or Hybrid
India
90000 Employees

MongoDB Logo MongoDB

Solutions Architect

Big Data • Cloud • Software • Database
Easy Apply
Remote or Hybrid
India
5550 Employees

Similar Companies Hiring

Hanover Park Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
42 Employees
Kepler  Thumbnail
Fintech • Software
New York, New York
6 Employees
Onshore Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
60 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account