Remote GRC Senior Analyst

Summary

Join Ubiminds as a GRC Senior Analyst to support a global rating agency in information security governance, risk, and compliance.

Requirements

• Experience as the lead for SOC 2 Type 2 and ISO 27001 audits
• Experience dedicated to Information Security and Compliance
• Proactively manages and prioritizes team tasks to optimize individual strengths and collective productivity
• Comfortable speaking directly with customers’ security teams and/or leadership, in a way that appropriately represents the company and security capabilities
• Experience with cloud and/or SaaS security best practices
• Knowledge of and experience with information security concepts: encryption, application security, identity management, log management, disaster recovery, etc
• Experience with Windows, Mac OS X, and familiarity with Linux
• Ability to balance multiple complex tasks and quickly prioritize

Responsibilities

• Oversee the management of client compliance and continuous monitoring program
• Lead audits for SOC 2 Type 2, ISO 27001, ISO 27701, Internal Audits, and assist in FedRAMP audits when needed with support from the ISSO
• Assist the ISSO in management of client FedRAMP program
• Documentation of risks and deviations of insufficient policy or control implementation, and coordination with external teams to remediation
• Lead the client Third-Party and supply chain management program
• Lead third-party assessments of the client platforms for client audits
• Lead and coordinate completion of client assessments, questionnaires, deliverables, and communications
• Assist in documentation of the client controls implemented maintain its compliance program across products and information systems
• Provide support to other departments, acting as a Subject Matter Expert regarding compliance, privacy, and standards

Preferred Qualifications

Relevant certifications such as CISSP or CISA certification, or desire to obtain is a plus

Benefits

• Placed in a product-based company, with the same treatment as their full-time employees
• Have our full back-office support, from career guidance to HR and concierge services
• Enjoy our remote-first policy – we are a distributed team, after all
• Get your own MacBook (none of that "bring your own device" stuff here)
• Have access to growth opportunities with other amazing technology professionals, through tech talks, chapter meetings, and even remote happy hours for tons of fun!
• Improve your English through free lessons with a native English speaker - get to the next level on your communication skills!
• Candidate Referral bonus (promote Ubi to your tech friends, and get paid for it!)
• Miss working in the office? Our cool Florianópolis headquarters is available, whenever you want, with weekly quick massages & tasty snacks, soft drinks, and games