Security Risk and Compliance Analyst

Join Asana as a Security Risk and Compliance Analyst, where you will play a critical role in safeguarding our organizational assets and ensuring compliance with industry standards. You will collaborate with various teams to identify risks, implement security measures, and drive compliance initiatives across the company. Your expertise will contribute to our …

Join Hive as a Security Compliance Analyst, where you will play a pivotal role in ensuring our information security governance and compliance standards are met. Collaborate with engineers and auditors to strengthen our security compliance framework. You will be responsible for addressing auditors' inquiries and managing on-call operations, while contributing to the risk management program led by our Information Security team. If you're passionate about securing innovative AI solutions, we want to hear from you!

About the RoleWe are in search of a dedicated and skilled Senior Governance, Risk, and Compliance (GRC) Analyst to enhance our team. This crucial position will allow you to safeguard our impactful operations, manage risks effectively, and ensure compliance with the intricate regulatory frameworks of the fintech sector. As a subject matter expert, you will transform complex requirements into practical controls while fostering a culture of security throughout the organization.Key ResponsibilitiesOversee information security and third-party risk assessments, formulating mitigation strategies.Lead both internal and external audits, including evidence collection and remediation efforts.

About Juniper SquareAt Juniper Square, our mission is to empower individuals by unlocking the immense potential of private markets. Privately owned assets like commercial real estate, private equity, and venture capital constitute half of the financial ecosystem but are often inaccessible to the general public. We are at the forefront of digitizing these markets, enhancing efficiency, transparency, and accessibility in one of the most dynamic sectors of finance. If you are passionate about leveraging technology to improve market functionality and wish to be part of a values-driven organization, we invite you to apply.We offer a range of work arrangements, from fully remote positions to full-time roles in our physical offices. Our commitment to a digital-first approach enables effective collaboration across 27 U.S. states, 2 Canadian provinces, India, Luxembourg, and England. For those who prefer an office environment, we maintain physical locations in San Francisco, New York City, Mumbai, and Bangalore.Your RoleAs a Senior GRC Analyst, you will play a pivotal role in supporting our governance, risk management, and compliance (GRC) framework. The ideal candidate will possess extensive experience in developing scalable and tailored risk management and compliance processes suited for a high-growth organization. Strong analytical, problem-solving, and communication skills are essential, as you will collaborate with diverse cross-functional teams to foster effective risk management practices.Key ResponsibilitiesCustomer Trust and AssuranceCompliance ManagementOversee the maintenance and onboarding of security compliance certifications and frameworks, including SOC2, ISO, and more.Collaborate with cross-functional teams to gather controls evidence for timely submissions to external auditors.Facilitate a seamless audit process through effective communication and teamwork.Continuously enhance the audit process through automation and rationalization of controls.

Join Lambda, a pioneering force in AI cloud infrastructure, dedicated to revolutionizing the way organizations harness computational power. Serving a diverse clientele that includes AI researchers and enterprise giants, Lambda's commitment is to make high-performance computing as accessible as electricity, empowering individuals and businesses alike to achieve superintelligence. If you're passionate about building the most advanced AI cloud platform, we would love to have you onboard.*Note: This role requires you to be present at our San Francisco or San Jose office 4 days a week, with Tuesday designated as the work-from-home day.Key ResponsibilitiesEnsure organizational security practices align with ISO 27001, 27701, PCI, SOC 2, and other regulatory frameworks to support business objectives.Oversee IT Risk Register, focusing on risk identification, tracking, and prioritization.Lead the remediation of control deficiencies and gaps.Provide expert guidance to Control Owners for the planning, design, implementation, and maintenance of security controls, policies, and standards.Engage with both technical and non-technical stakeholders to discuss cybersecurity risk management and program reporting.Support the Customer Trust program, which includes managing customer assessments and security questionnaires.Assist control owners with root cause analysis and monitor the progress of risk management action plans.Develop risk metrics for management regarding information security control maturity, compliance status, and performance findings. Support third-party risk management assessments to ensure compliance with information security requirements.Your ProfileMinimum of 8 years of experience in cybersecurity risk and controls management, with a deep understanding of frameworks like ISO 27001, 27701, PCI-DSS, SOC, NIST CSF, and other regulatory requirements.Proven experience in managing audits and certification programs, including scope planning and developing control procedures aligned with policies and standards.

Role Overview Crusoe is seeking a Senior Governance, Risk, and Compliance (GRC) Analyst in San Francisco, CA. This role focuses on keeping operations in line with regulatory requirements and internal policies. The analyst leads efforts to identify, assess, and reduce risks, working closely with teams across the company to strengthen the compliance framework. The position shapes risk management strategies and supports the integrity of the organization.

Fastly seeks a Security Risk Lead to guide efforts in managing and reducing security risks across the organization. This role partners with teams company-wide to develop and implement risk management strategies that safeguard Fastly’s systems and data. Role focus The Security Risk Lead works at the intersection of technology and policy, shaping approaches that strengthen the company’s security posture. Collaboration with multiple departments is central to identifying vulnerabilities and ensuring consistent risk mitigation. Key responsibilities Work with teams throughout Fastly to identify, assess, and address security risks Help design and execute risk management strategies Support efforts to maintain the security and integrity of company systems and data Locations Denver, CO New York City, NY San Francisco, CA

Role Overview sia is seeking a Risk & Compliance Subject Matter Expert (SME) Consultant in San Francisco. This consultant guides clients through risk management challenges and compliance frameworks, working closely with cross-functional teams to create solutions that fit industry standards. What You Will Do Conduct in-depth risk and compliance assessments for client organizations Identify areas of potential risk and recommend practical mitigation strategies Develop and implement compliance initiatives tailored to client needs Advise clients on regulatory changes and industry trends Collaborate with teams across disciplines to ensure solutions align with current standards About the Team Join a group that values expertise and practical insight, helping clients stay ahead in a changing regulatory landscape.

Welcome to Adyen Adyen is a leading financial technology platform that integrates payments, data, and financial services into a single solution, catering to renowned clients such as Meta, Uber, H&M, and Microsoft. Our mission is to empower businesses by providing them with tools designed for ambition. We foster an environment where our employees can thrive, supported by a culture that encourages personal and professional growth. Our motivated teams tackle unique technical challenges collaboratively, delivering innovative and ethical solutions that accelerate business success. Position Overview: Payments Risk Operations Analyst We are seeking a skilled Analyst to join our Payments Risk Operations team. This role is perfect for professionals adept at navigating intricate cases, managing critical long-term projects, and harmonizing compliance with a customer-focused approach. In this position, you will play a vital role in supporting our sustainable business growth, ensuring alignment between Adyen and our clients with Payment Networks’ regulations and our internal risk appetite. You will serve as a strategic ally to our global clients, guiding them through the compliance landscape while proactively identifying and mitigating emerging threats within the payment ecosystem. Collaborating closely with our internal teams, including Compliance, Sales, Account Management, Product, and Partnerships, you will optimize processes and develop scalable solutions to safeguard our portfolio. By transforming complex requirements into actionable strategies, you will mitigate non-compliance losses and drive operational excellence. Ideal Candidate Profile The ideal candidate will possess strong analytical skills, a proven history of managing cross-functional projects, and the capability to scale complex operations in a dynamic environment.

Join Grow Therapy as a Security Risk Program Lead where you will play a pivotal role in enhancing our security protocols and risk management strategies. We are seeking a passionate leader who is committed to safeguarding our operations and ensuring compliance with industry standards.You will oversee the development and implementation of security risk programs, identify potential threats, and collaborate with cross-functional teams to mitigate risks effectively. If you are driven by a desire to create a secure environment for our team and clients, we would love to hear from you!

About DelveDelve is dedicated to transforming the compliance landscape, eliminating tedious manual tasks and creating seamless, automated partnerships. Our innovative solutions are trusted by over 450 rapidly expanding companies, including Lovable, 11x, and WisprFlow, enabling them to save countless hours while ensuring secure growth. With backing from prominent investors such as Insight Partners, General Catalyst, and Y Combinator, our team boasts a rich diversity of talent, including former founders, Olympiad medalists, and engineers from prestigious institutions like OpenAI, Stanford, MIT, and Berkeley.About the RoleIn the role of Senior GRC Specialist, you will serve as the primary advisor to our internal teams and customers. Your extensive knowledge of compliance frameworks will be key in guiding clients through their compliance journeys. You will closely collaborate with Sales, Customer Success, Product, and Engineering teams to translate compliance requirements into impactful solutions. This position is available for candidates located in the San Francisco Bay Area or those who prefer to work fully remotely from anywhere in the U.S.With a recent $32M Series A funding round, we are poised for rapid growth!Key ResponsibilitiesCustomer Advisory & Enablement: Conduct consultative calls and workshops to distill complex compliance standards such as SOC 2, ISO 27001, HIPAA, GDPR, HITRUST, FedRAMP, and FDA CFR into actionable strategies.Framework Expertise: Act as the Subject Matter Expert on various cybersecurity frameworks, addressing customer inquiries, assessing control implementations, and resolving audit challenges.Cross-Functional Collaboration: Partner closely with Product and Engineering teams to integrate audit readiness and customer insights into our platform’s core structure.Sales & Customer Success Support: Equip Sales and Customer Success teams with essential resources, including talking points and battlecards, to ensure confidence during customer interactions.Policy & Controls: Lead the development, documentation, and ongoing enhancement of our internal compliance framework as well as customer-oriented best practices.Audit Preparedness: Organize readiness assessments and manage evidence collection to guarantee that both Delve and our customers are always audit-ready.QualificationsProven experience in governance, risk management, and compliance, particularly with frameworks such as SOC 2, ISO 27001, HIPAA, and GDPR.Strong communication skills and the ability to engage effectively with clients and internal teams.Demonstrated ability to work collaboratively across different functions to achieve common goals.Experience in conducting workshops and training sessions.Bachelor's degree in a relevant field or equivalent experience.

Join Mercury as a Compliance Risk Manager within our Banking Advisory team, where your expertise will guide financial institutions in navigating complex regulatory landscapes. You will work collaboratively with clients to develop compliance strategies, assess risks, and implement effective controls to mitigate potential issues.Your role will involve analyzing compliance frameworks, conducting risk assessments, and providing actionable insights to enhance the client’s operational integrity. As a key member of our team, you will also stay abreast of evolving regulations and industry trends, ensuring our advisory services remain relevant and impactful.

About Our TeamJoin the Intelligence and Investigations team at OpenAI, where we are committed to swiftly identifying and addressing abuse and strategic risks to foster a secure online environment. We focus on uncovering emerging abuse patterns, assessing risks, and collaborating with both internal and external stakeholders to implement effective strategies that prevent misuse. Our mission aligns with OpenAI's broader vision of creating AI technology that serves humanity positively.We are developing a comprehensive “radar” for AI abuse and strategic risk—integrating internal signals, external insights, and real-world occurrences into actionable priorities for OpenAI’s safety and product development teams.About the PositionAs a Strategic Risk Analyst specializing in Behavioral & Psychological Risk, you will leverage your extensive knowledge of human behavior to provide a holistic view of risk across OpenAI’s products and platforms.Your role involves analyzing user interactions with AI systems, particularly in high-stakes situations such as self-harm, manipulation, and coercion, and translating these findings into ready-to-use risk assessments, mitigation strategies, and product insights.This position merges clinical and behavioral expertise with intelligence analysis, transforming psychological indicators and trends into structured evaluations, early warnings, and actionable recommendations. A significant aspect of your work will be to proactively identify where analytical insights are crucial, anticipate emerging product, policy, and safety inquiries, and concentrate efforts on analyses that influence critical decisions.You will collaborate closely with investigators, engineers, policy experts, and trust & safety teams to enhance our understanding and mitigation of potential risks in human-AI interaction.Key ResponsibilitiesAnalyze AI system usage in complex or high-risk contexts (e.g., self-harm, suicidal thoughts, substance use escalation, and threats of violence), identifying patterns and trends that inform product, safety, and policy strategies.Integrate behavioral, psychological, and intelligence signals into coherent narratives that elucidate user needs, system dynamics, and potential vulnerabilities.Create decision-ready briefs and assessments to support product, safety, and policy decisions.Develop and enhance behavioral risk frameworks, taxonomies, and indicators (e.g., severity models, escalation pathways, psychological harm classifications).

Scale AI is on the lookout for a dynamic and seasoned Director of Governance, Risk, and Compliance (GRC) to spearhead our centralized GRC function. This crucial role is designed to fortify and propel the organization forward. The selected candidate will play a key role in enhancing and guiding our GRC framework, establishing a long-term strategic vision, collaborating with various teams across the company, and representing Scale’s GRC interests to partners, regulators, and stakeholders. A strong foundation in corporate regulatory compliance and risk management, alongside excellent leadership and relationship-building skills, is essential for success in this role.Key Responsibilities:Lead the GRC function, encompassing compliance governance, advisory, risk management, and regulatory adherence.Develop and mentor a team of compliance professionals focused on governance, assurance, and GRC engineering to create efficient systems and processes.Enhance Scale’s Enterprise Risk Management (ERM) program, focusing on risk identification, assessment, mitigation, and reporting.Collaborate with Legal, Security, Product, Engineering, and Operations teams to support Scale’s growth in a regulated environment.Contribute to Scale’s AI governance strategy, including the implementation of new AI regulations such as the EU AI Act and NIST AI RMF.Drive the vision for how GRC can protect Scale while also serving as a competitive advantage.Represent the GRC team to internal and external stakeholders, including partners and regulators.Maintain a strategic outlook on compliance while being detail-oriented on specific compliance issues.

Join Hive as a Security Compliance Manager and take the lead in enhancing our security framework. Collaborate with engineers and auditors to ensure compliance with industry standards such as ISO and SOC, as well as federal regulations. You will own the execution of our Information Security program, focusing on improving personnel screening compliance and risk monitoring. Your role will require effective communication with technology and business leaders across all levels, driving consensus among stakeholders to ensure security controls are effective and remediated as necessary.

About the TeamThe Intelligence and Investigations team is committed to swiftly identifying and mitigating strategic risks and abuse to foster a secure online environment. Our mission focuses on uncovering emerging abuse trends, analyzing risks, and collaborating with internal and external partners to enforce effective mitigation strategies that protect against misuse. These efforts are vital to OpenAI's overarching goal of creating AI that serves humanity.We aim to establish a comprehensive “radar” for AI abuse and strategic risks—integrating internal signals, external intelligence, and real-world events to generate clear, actionable priorities for OpenAI’s safety and product decision-makers.About the RoleAs a Strategic Risk Analyst, you will play a pivotal role in developing and maintaining a centralized perspective on strategic risk across OpenAI's products and platforms. Your responsibilities will include synthesizing internal abuse patterns, external intelligence, and product signals into actionable risk insights, regular briefs, and practical prioritization inputs.You will collaborate closely with investigators, engineers, policy and trust and safety counterparts, as well as measurement and forecasting teams to convert complex signals into structured judgments, ranked priorities, and actionable recommendations. This position offers an opportunity to conduct high-impact analysis in a dynamic environment, where clear thinking and communication will directly influence safety decisions, mitigations, and product readiness.In This Role, You WillMonitor and analyze internal risk signals (abuse telemetry, investigation outputs, model and product signals) to identify trends, tactical shifts, and new abuse patterns.Conduct upstream and external scanning (OSINT, ecosystem developments, real-world events) and distill implications for OpenAI’s products and threat landscape.Identify and thoroughly investigate harms and misuse across products and channels, transforming complex signals into clear analytical findings.Connect individual incidents into overarching narratives about actors, incentives, product design vulnerabilities, and cross-product spillover, while pressure-testing hypotheses early in the analysis.Produce concise, decision-ready risk briefs and intelligence assessments that include explicit assumptions, confidence levels, and factors that could alter the evaluation.Translate analysis into clear, ranked priorities and actionable recommendations that product, safety, and policy teams can implement effectively.

We are looking for a dedicated and detail-oriented Governance, Risk, and Compliance (GRC) Manager to join our team at Decagon in San Francisco. In this pivotal role, you will be responsible for developing, implementing, and maintaining our governance, risk, and compliance strategies to ensure our operations align with regulatory requirements and industry standards.Your expertise will help us assess risk management processes and enhance our compliance framework, allowing Decagon to maintain its reputation as a leader in the industry. This is an exciting opportunity to contribute to our organizational integrity and enhance our compliance culture.

Role Overview Sigma Computing is hiring a Governance, Risk & Compliance (GRC) Manager. This position is based in San Francisco, CA, with the option to work from our upcoming New York office. The GRC Manager reports directly to the General Counsel and will shape and expand the company's governance, risk, and compliance programs. This role works closely with teams across Legal, Engineering, Product, Sales, Operations, and company leadership. The GRC Manager will build and refine a company-wide GRC framework to support business growth, manage risk, and ensure compliance with regulatory requirements. The work aims to strengthen governance structures, implement scalable risk management, and foster stakeholder trust. What You Will Do Governance Design and implement governance frameworks, including reporting, policy governance, and control oversight. Establish and maintain enterprise policies, standards, and procedures across technology, security, privacy, and operations. Build and lead a governance committee structure to support oversight and decision-making. Create dashboards and metrics to track program maturity and effectiveness. Work with leadership to align governance activities with business strategy and risk appetite. Risk Management Develop and manage an Enterprise Risk Management (ERM) program. Conduct regular risk assessments across the organization and maintain a dynamic risk register. Establish and support business continuity and disaster recovery programs, including testing and tabletop exercises. Implement third-party risk management, including vendor assessments, contract reviews, and ongoing monitoring. Formulate risk treatment plans and oversee remediation efforts. Facilitate risk-informed decision-making throughout the company. Coordinate with leaders across functions to ensure comprehensive risk identification and management. Compliance Oversee audit and certification programs, including SOC 2, ISO 27001, HIPAA, and other relevant standards. Develop and maintain compliance monitoring programs to track regulatory changes and ensure ongoing adherence.

About Plaud Inc.Plaud is revolutionizing the way professionals interact with technology through our innovative AI work companion designed to boost productivity and enhance performance via intuitive note-taking solutions. Since our inception in 2023, we have garnered the trust of over 1,500,000 users globally.Based in San Francisco and incorporated in Delaware, Plaud Inc. is at the forefront of human–AI intelligence, leveraging a unique combination of hardware and software. We adhere to the highest standards of security and privacy, ensuring compliance with SOC 2, HIPAA, GDPR, ISO27001, ISO27701, and EN18031.To discover more about our journey and innovations, visit https://www.Plaud.ai and connect with us on Instagram, X, Facebook, LinkedIn, and YouTube.

Join Crusoe as a Staff Governance, Risk, and Compliance (GRC) Engineer, where you will play a pivotal role in enhancing our compliance strategies and risk management frameworks. You will be responsible for developing and implementing GRC policies, ensuring regulatory compliance, and collaborating with cross-functional teams to mitigate risks effectively. If you have a passion for governance and compliance within the tech industry, we want to hear from you!