Job Description
Chainguard is seeking a Senior GRC Analyst to build and scale its Governance, Risk, and Compliance (GRC) function. This role involves taking ownership of a mature compliance program and shaping the future of GRC within the company. The Senior GRC Analyst will work with security engineers, legal, HR, and product teams.
What this role involves:
  • Owning upcoming SOC 2 Type II and ISO 27001 audits.
  • Shaping security policies, standards, and procedures.
  • Serving as the point of contact between auditors and Chainguardians.
  • Identifying, assessing, and mitigating compliance and security risks.
  • Recommending ways to streamline compliance using automation and modern GRC platforms.
Requirements:
  • Experience running multiple SOC 2 Type II audits and ISO 27001 efforts.
  • Experience with risk assessments, control design and testing, and remediation management.
  • Familiarity with GRC platforms like Vanta and risk assessment methodologies.
  • Ability to manage competing priorities and keep projects on track.
  • Ability to explain audit findings to both execs and engineers.
What Chainguard offers:
  • Flexible & Remote-First Culture
  • Stock options
  • 100% Covered Health Insurance
  • Flexible Time Off
  • 18 Weeks Paid Parental Leave

Chainguard

Chainguard is a company focused on securing the software development and deployment lifecycle. They provide tools and services including a large library of secured open source software. Specializing in open source software security and cloud native development, Chainguard helps organizations eliminate software supply chain threats. The company aims to be a trusted and safe source for open source solutions. They operate with values centered around customer focus, action, trust, and a balance of seriousness and enjoyment.
