Security GRC Specialist

About the role:

Sigma is looking for a Security GRC Specialist to help in scaling and growing Sigma’s GRC program through automation. You will be working alongside with the Security GRC Manager to ensure Sigma meets their security and compliance initiatives in a timely manner. If you’re a creative thinker who wants to build great processes and reduce risk, we’d love to hear from you! 

What you’ll be doing:

• Enforce and maintain compliance processes and procedures through automation
• Creation and maintenance of documented policies,guidelines, processes, and procedures
• Research, implementation, and maintenance of compliance related tools: evidence collection automation, control monitoring, identity governance and administration
• Identify and manage IT security risks by performing formal risk assessments on internally developed applications, external partner connectivity, and third party vendors that may store, process or transmit Sigma data.
• Assist in Customer audits and security assessments.
• Act like an owner and Collaborate with multiple stakeholders including HR, Legal, Operations, and Engineering for building the GRC programs.
• This position comes with autonomy and accountability as you will be leading GRC projects through to completion with a set of guiding principles.
• Stay current with emerging security and privacy trends.
• Drive the value of Compliance as a strategic partner.

Who you are:

• Over 5 years of hands-on experience in Security GRC and 7+ years in related industry.
• Relevant university bachelor's degree in computer science, cyber assurance or related field and relevant technical/professional qualifications/certification such as CISSP, CISM, CISA or ISO 27001 Lead Auditor/Implementer equivalent.
• Strong understanding of various privacy & compliance frameworks such as SOC1/2, HIPAA, ISO 27001, CSA Star, NIST,CCPA,GDPR and others.
• Strong experience working with SaaS software engineering teams in an agile/dynamic environment.
• Strong understanding of Cloud security technologies.
• You have figured out how to spend less time doing manual work and are constantly thinking about how to automate things.
• Strong communication in written and verbal, plus the ability to articulate and decipher complex business and regulatory areas with compliance, legal, business operations, product management, product development, engineers, and security
• Experience in implementing GRC tools like - OneTrust, ZenGRC, Safebase, Drata etc
• Experience in scripting languages such Python is a plus
• Experience with Global Privacy frameworks is a plus
• Prior hands-on experience in Cyber Security is a plus.

Additional Job details

The base salary range for this position is $175k - $210k annually.

Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work at Sigma Computing. This role is eligible for stock options, as well as a comprehensive benefits package.

About us:

Sigma is the only cloud analytics and business intelligence tool empowering business teams to break free from the confines of the dashboard, explore data for themselves, and make better, faster decisions. The award-winning software was built to capitalize on the performance power of cloud data warehouses to combine data sources and analyze billions of rows of data instantly via an intuitive, spreadsheet-like interface – no coding required.

Since launching with its unique interface, Sigma Computing has added features such as collaboration tools and embedded analytics capabilities. The most recent product launch included a set of AI tools such as forecasting capabilities, an AI copilot and a notebook interface for users who prefer a code-first environment.

Sigma announced its $200M in Series D financing in May 2024, to continue transforming BI through its innovations in AI infrastructure, data application development, enterprise-wide collaboration, and business user adoption. Spark Capital and Avenir Growth Capital co-led the Series D funding round, with additional participation from a group of past investors including Snowflake Ventures and Sutter Hill Ventures.The Series D funding, raised at a valuation 60% higher than the company’s Series C round three years ago, promises to further accelerate Sigma’s growth.   

Come join us!

Benefits For Our Full-Time Employees:

• Equity
• Generous health benefits
• Flexible time off policy. Take the time off you need!
• Paid bonding time for all new parents
• Traditional and Roth 401k
• Commuter and FSA benefits
• Lunch Program
• Dog friendly office

Sigma Computing is an equal opportunity employer. We are committed to building a smart and strong team regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We look forward to learning how your experience can enable all of us to grow.

Note: We have an in-office work environment in all our offices in SF, NYC, and London.