isecjobs.com

Senior GRC Analyst

San Francisco, CA; Santa Clara, CA; Seattle, WA

Full Time Senior-level / Expert USD 141K - 175K
Company logo

Carta

View all jobs at Carta

Apply now Apply later

The Company You’ll Join

Carta develops purpose-built software that transforms traditional accounting into a powerful growth engine.

Carta’s world-class fund administration platform supports nearly 7,000 funds and SPVs, and represents nearly $130B in assets under management in venture capital and private equity.

Trusted by more than 40,000 companies, Carta also helps private businesses in over 160 countries manage their cap tables, valuations, taxes, equity programs, compensation, and more.

Together, Carta is setting a new standard as the end-to-end platform for private markets. Our best-in-class solution for fund management seamlessly integrates investor and portfolio company insights via a suite of tools designed ground-up to support the strategic impact of the fund CFO.

For more information about our offices and culture, check out our Carta careers page.

The Problems You'll Solve

At Carta, our employees set out on a mission to unlock the power of equity ownership for more people in more places. We believe that the problems we solve today unlock the opportunities of tomorrow.

As a Senior GRC Analyst,  you’ll work to assess regulatory requirements and accordingly establish and maintain  governance and risk frameworks. You will build and run security compliance programs to measure and reduce risk, report compliance metrics, and build and manage policies and standards.

Here are some problems we’d love for you to help us solve: 

  • Manage and continually improve the Carta Governance, Risk, and Compliance  program, ensuring it is aligned with our security strategy and business objectives.
  • Develop, maintain, and lead the adoption of security policies, standards, and guidelines to ensure compliance with applicable regulatory requirements.
  • Lead and coordinate internal and external security audits.
  • Perform security assessments of vendors, third parties, and applications.
  • Partner with cross functional teams to review initiatives that could impact compliance requirements
  • Manage risk program activities including risk identification, tracking, and prioritization.
  • Collaborate with engineering and product teams to assess risk posture and compliance status, and support remediation activities.

The Team You'll Work With

You will be part of a security-minded team that believes in progress over perfection and where security culture and mindset is key. Our team is rethinking how GRC activities can be accomplished in innovative ways. We do not focus on building processes, but instead how to solve business problems while minimizing and managing risk exposure for Carta.

About You

We are looking for candidates who have:

  • A strong understanding and working knowledge of information security and compliance frameworks, such as SOC 1  and 2, ISO 27001, NIST CSF, GDPR, CCPA, FINRA, SOX and SEC cybersecurity requirements.
  • Excellent judgment and the ability to make balanced  decisions when working with complex situations.
  • Proven understanding of public cloud infrastructure and services in AWS and GCP including knowledge of cloud-native security protection measures, tools, and techniques
  • Proven  ability to collaborate with cross-functional teams and affect change to accomplish goals.
  • Excellent written and verbal communication skills, including the ability to effectively communicate business and cybersecurity risk.
  • 5+ years of experience in developing  and executing governance, risk and compliance functions.

Salary

Carta’s compensation package includes a market competitive salary, equity for all full time roles, exceptional benefits, and, for applicable roles, commissions plans. Our minimum cash compensation (salary + commission if applicable) range for this role is:

  • $148,750 - $175,000 in San Francisco, CA; Santa Clara, CA; New York City, NY
  • $141,313 - $166,250 in Seattle, WA

Final offers may vary from the amount listed based on geography, candidate experience and expertise, and other factors.

Disclosures:

  • We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. If accommodations due to a disability or medical condition are needed, please connect with the talent partner via email. 
  • Carta uses E-Verify in the United States for employment authorization. See the E-Verify and Department of Justice websites for more details.
  • Interested in data privacy? Check out our policies on Privacy and CA Candidate Privacy.
  • Please note that all official communications from us will come from an @carta.com or @carta-external.com domain.
Apply now Apply later
Job stats:  0  0  0
Categories: Analyst Jobs Compliance Jobs

Tags: Audits AWS CCPA Cloud Compliance GCP GDPR Governance ISO 27001 NIST Privacy Security assessment Security strategy SOC SOC 1 SOX Strategy

Perks/benefits: Competitive pay Equity / stock options Team events

Region: North America
Country: United States

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Product Security Engineer jobsInformation System Security Officer jobsSenior Security Analyst jobsSenior Cybersecurity Engineer jobsSenior Cloud Security Engineer jobsSystems Engineer jobsInformation Security Manager jobsSystems Administrator jobsSenior Information Security Analyst jobsSenior Network Security Engineer jobsIT Security Engineer jobsCyber Security Specialist jobsChief Information Security Officer jobsIT Security Analyst jobsSecurity Consultant jobsSecurity Specialist jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsSenior Cyber Security Engineer jobsCyber Threat Intelligence Analyst jobsSenior Information Security Engineer jobsThreat Intelligence Analyst jobsSecurity Operations Analyst jobsCyber Security Architect jobsSenior Product Security Engineer jobs
GDPR jobsSaaS jobsEncryption jobsBash jobsSplunk jobsSQL jobsEDR jobsTop Secret jobsMalware jobsFinance jobsRMF jobsThreat detection jobsIDS jobsSDLC jobsForensics jobsIPS jobsTerraform jobsDocker jobsITIL jobsIntrusion detection jobsCompTIA jobsActive Directory jobsSOC 2 jobsDoDD 8570 jobsOWASP jobs
SAP jobsCRISC jobsGIAC jobsUNIX jobsSANS jobsHIPAA jobsAnsible jobsCCSP jobsOSCP jobsBanking jobsJira jobsVPN jobsTCP/IP jobsSOX jobsIT infrastructure jobsSOAR jobsMITRE ATT&CK jobsMachine Learning jobsData Analytics jobsJavaScript jobsClearance Required jobsVMware jobsCISO jobsIndustrial jobsNIST 800-53 jobs