Senior Governance, Risk & Compliance Analyst
Brooklyn, NY
Full Time Senior-level / Expert USD 150K - 170K
CoreWeave
CoreWeave powers the creation and delivery of intelligence that drives innovation.CoreWeave is the AI Hyperscaler™, delivering a cloud platform of cutting edge services powering the next wave of AI. The company’s technology provides enterprises and leading AI labs with the most performant, efficient and resilient solutions for accelerated computing. Since 2017, CoreWeave has operated a growing footprint of data centers covering every region of the US and across Europe. CoreWeave was ranked as one of the TIME100 most influential companies of 2024.
As the leader in the industry, we thrive in an environment where adaptability and resilience are key. Our culture offers career-defining opportunities for those who excel amid change and challenge. If you’re someone who thrives in a dynamic environment, enjoys solving complex problems, and is eager to make a significant impact, CoreWeave is the place for you. Join us, and be part of a team solving some of the most exciting challenges in the industry.
CoreWeave powers the creation and delivery of the intelligence that drives innovation. To learn more about our values, please visit our careers website.
The Senior Governance, Risk & Compliance (GRC) Analyst at CoreWeave will be responsible for supporting the GRC Manager and internal stakeholders with the design, implementation and enforcement of security, operational and privacy controls to govern the protection of CoreWeave Cloud. The primary focus of this role will be to conduct control readiness assessments, prepare control owners for external audits and track upcoming regulatory and compliance obligations to support CoreWeave’s growth.
Core job duties include, but are not limited to:
- Assist GRC Manager and control owners with internal assessments and external audit engagements
- Manage technical and business stakeholders across CoreWeave to identify, design and implement controls aligned to compliance requirements.
- Track the lifecycle of regulatory and compliance scope to ensure control assessments, evidence collection and reporting requirements are fulfilled.
- Collaborate with Product, Solutions Architect and Engineering teams to simplify and consolidate product related compliance requirements.
- Perform on-going control maturity assessments to identify opportunities for improvement and evidence collection automation.
Qualifications:
- Minimum of 5 years work experience in IT, Security Compliance or Audit function, preferably in the cloud service provider industry
- Educational Qualification: Bachelor's in Information Security, Computer Science, or related degree; Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) Certification or equivalent
- Experience conducting end to end control framework assessments; documenting control effectiveness, gaps, remediation requirements and/or maturity recommendations
- In-depth knowledge of regulatory and compliance requirements, such as: SOX, SOC 2, ISO 27001:2022, ISO 27701, NIST 800-53, NIST CSF, PCI DSS, FedRAMP, GDPR, UK Cyber Essentials, HIPAA, etc.
- Experience collaborating with cross-functional teams, including engineering, infrastructure, security, etc
- Excellent knowledge of reporting procedures and record keeping
- Ability to succeed in a team environment or work as an individual contributor
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $150,000-$170,000. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience.
What We Offer
The range we’ve posted represents the typical compensation range for this role. To determine actual compensation, we review the market rate for each candidate which can include a variety of factors. These include qualifications, experience, interview performance, and location.
In addition to a competitive salary, we offer a variety of benefits to support your needs, including:
- Medical, dental, and vision insurance - 100% paid for by CoreWeave
- Company-paid Life Insurance
- Voluntary supplemental life insurance
- Short and long-term disability insurance
- Flexible Spending Account
- Tuition Reimbursement
- Mental Wellness Benefits through Spring Health
- Family-Forming support provided by Carrot
- Paid Parental Leave
- Flexible, full-service childcare support with Kinside
- 401(k) with a generous employer match
- Flexible PTO
- Catered lunch each day in our office and data center locations
- A casual work environment
- A work culture focused on innovative disruption
Our Workplace
At CoreWeave, we are committed to operating as a hybrid workplace, offering employees flexibility in how they structure their time between in-office and remote work. We recognize the significance of fostering connections, collaboration, and creativity within our office culture and its positive impact on our business. Our philosophy operating as a hybrid workplace underscores our dedication to enabling employees to tailor work-life balance to their individual preferences.
For those who do not live within 30 miles of one of our offices, we are open to considering remote work for candidates whose skills and experience strongly align with the role. While we prioritize a hybrid work environment for most roles, we understand the importance of flexibility and are open to remote work for specific positions and specialized skill sets. Onboarding is essential to your success. New employees not based out of an office will be invited to attend onboarding training at one of our hubs within their first month of employment. We continue to foster a collaborative environment by bringing teams together quarterly.
California Consumer Privacy Act - California applicants only
CoreWeave is an equal opportunity employer, committed to fostering an inclusive and supportive workplace. All qualified applicants and candidates will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.
As part of this commitment and consistent with the Americans with Disabilities Act (ADA), CoreWeave will ensure that qualified applicants and candidates with disabilities are provided reasonable accommodations for the hiring process, unless such accommodation would cause an undue hardship. If reasonable accommodation is needed, please contact: careers@coreweave.com.
Tags: Audits Automation CCPA CISA CISSP Cloud Compliance Computer Science FedRAMP GDPR Governance HIPAA ISO 27001 NIST NIST 800-53 PCI DSS Privacy SOC SOC 2 SOX
Perks/benefits: 401(k) matching Competitive pay Flexible spending account Flex vacation Health care Insurance Medical leave Parental leave Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.