Security GRC Analyst
San Francisco Office
Full Time Entry-level / Junior USD 125K - 180K
Lambda
The GPU Cloud built for AI developers. Featuring on-demand & reserved cloud NVIDIA H100, NVIDIA H200 and NVIDIA Blackwell GPUs for AI training & inference.In 2012, Lambda started with a crew of AI engineers publishing research at top machine-learning conferences. We began as an AI company built by AI engineers. That hasn't changed. Today, we're on a mission to be the world's top AI computing platform. We equip engineers with the tools to deploy AI that is fast, secure, affordable, and built to scale. Whether they need powerhouse GPU hardware on-site or the flexibility of cloud-based solutions, we've got the horsepower to make it happen. Lambda’s AI Cloud has been adopted by the world’s leading companies and research institutions including Anyscale, Rakuten, The AI Institute, and multiple enterprises with over a trillion dollars of market capitalization. Our goal is to make computation as effortless and ubiquitous as electricity.
If you'd like to build the world's best deep learning cloud, join us.
*Note: This position requires presence in our San Francisco office location 4 days per week; Lambda’s designated work from home day is currently Tuesday.
What You’ll Do
Support company-wide security awareness training
Perform vendor security assessments in order to minimize risk from third-party services
Maintain and improve vendor security program while working closely with Security, Legal, IT and other internal stakeholders
Ensure vendor security issues are identified, communicated, and remediated to an acceptable level of risk
Conduct periodic reviews of the Vendor Security program to identify areas for improvement and automation and help ensure alignment with key business risks, regulatory requirements, and industry frameworks; revise program documentation as required and communicate program changes to key stakeholders to achieve buy-in
Drive accurate program metrics through timely updates and thorough documentation of each completed assessment and coaching team members on the same
Perform control design walkthroughs and operating effectiveness testing for products and business lines against security frameworks such as ISO 27001, SOC 2, PCI-DSS, and others
Work with control and process owners to understand key processes and controls. Support these process owner in preparation for and execution of internal and external audits
Collaborate with key stakeholders to support, track, and report on remediation efforts
Communicate with technical and non-technical stakeholders on cybersecurity risk and control topics and program-specific reporting
You
Experience supporting cybersecurity controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001, PCI-DSS, SOC 2, and other regulatory requirements
Experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations
Excellent verbal and written communication skills with the ability to document, communicate, and report security assessments as well as the status of the implementation, effectiveness, and remediation of cybersecurity controls with product and business leaders
Strong project management skills with the ability to lead and execute security assessment projects and initiatives on time with multiple stakeholders
Nice to Have
Minimum of 7 years in Information Technology (IT) or Information Security (IS) compliance and controls programs in a global organization with in-depth knowledge and experience of cybersecurity frameworks such as ISO 27001, PCI-DSS, SOC 2, and other regulatory requirements
Experience in performing controls monitoring testing and supporting complex audit projects in a cloud-centric environment with a strong aptitude to understand emerging technologies to assure regulatory and compliance requirements are met
CISM, CISA, CISSP, CCSP, CASP, Security+, CRISC, CGEIT, GSEC, QSA, or other relevant certifications
Salary Range Information
Based on market data and other factors, the annual salary range for this position is $125,000 - $180,000. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description.
About Lambda
Founded in 2012, ~350 employees (2024) and growing fast
We offer generous cash & equity compensation
Our investors include Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, US Innovative Technology, Gradient Ventures, Mercato Partners, SVB, 1517, Crescent Cove.
We are experiencing extremely high demand for our systems, with quarter over quarter, year over year profitability
Our research papers have been accepted into top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG
Health, dental, and vision coverage for you and your dependents
Commuter/Work from home stipends for select roles
401k Plan with 2% company match (USA employees)
Flexible Paid Time Off Plan that we all actually use
A Final Note:
You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills.
Equal Opportunity Employer
Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.
Tags: Audits Automation CASP+ CCSP CISA CISM CISSP Cloud Compliance CRISC GSEC Incident response ISO 27001 Lambda Machine Learning Monitoring Risk management Security assessment SOC SOC 2
Perks/benefits: 401(k) matching Conferences Equity / stock options Flex hours Flex vacation Health care
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.