Job Details

Join to apply for the Security GRC Analyst role at Sigma.

About The Role

Sigma is looking for a Security GRC Analyst to help in scaling and growing Sigma's Security GRC initiatives through automation. You will be working alongside the Security GRC Manager to ensure Sigma meets their security and compliance goals in a timely manner. If you're a creative thinker who wants to build next-gen security tools, processes, and build Security GRC automations while reducing risk, we'd love to hear from you!

What You'll Be Doing

• Enforce and maintain security compliance processes and procedures through automation.
• Creation and maintenance of documented policies, guidelines, processes, and procedures.
• Own Customer Trust Assurance and help Sigma Sales team to drive Sigma's accelerated growth.
• Respond to customers' security questionnaires and maintain Sigma GRC tools.
• Conduct regular vendor risk assessments to identify, evaluate, and prioritize risks across the vendor products organization, ensuring timely mitigation actions are implemented.
• Ensure documentation is maintained for all key GRC activities, including risk registers, audit logs, and compliance status reports.
• Support internal and external audits by providing documentation, evidence, and responses to audit findings.
• Collaborate with multiple stakeholders including HR, Legal, Sales, Operations, and Engineering for building the GRC programs.
• Stay current with emerging security and privacy trends.

Who You Are

• 3+ years of experience in Security GRC, risk management, and/or compliance, ideally in a technology-driven Cloud SaaS environment.
• Relevant university bachelor's degree, experience, and/or relevant technical/professional qualifications/certification such as CISSP, CISM, CISA or ISO 27001 Lead Auditor/Implementer equivalent.
• Good understanding of various privacy & compliance frameworks such as SOC1/2, HIPAA, ISO 27001, CSA Star, NIST, CCPA, GDPR and others.
• Must have prior experience in 3rd party risk and customer risk assessments.
• Track record of strong hands-on experience in assisting in various Security GRC programs.
• Strong interpersonal skills and ability to work effectively with diverse and distributed teams.
• Practical & technical understanding of Security network, system, application, SDLC, cybersecurity, and cloud security systems.
• Time Management: Excellent organizational skills with a talent for balancing multiple deadlines and priorities in a fast-paced environment.
• Familiarity with IT security and compliance tools used in day-to-day operations.
• You have figured out how to spend less time doing manual work and are constantly thinking about how to automate things.

Additional Job Details

The base salary range for this position is $115k - 140k annually. Compensation may vary outside of this range depending on a number of factors, including a candidate's qualifications, skills, competencies, and experience. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work at Sigma Computing. This role is eligible for stock options, as well as a comprehensive benefits package.

About Us

Sigma is the only cloud analytics and business intelligence tool empowering business teams to break free from the confines of the dashboard, explore data for themselves, and make better, faster decisions.

Benefits For Our Full-Time Employees

• Equity
• Generous health benefits
• Flexible time off policy. Take the time off you need!
• Paid bonding time for all new parents
• Traditional and Roth 401k
• Commuter and FSA benefits
• Lunch Program
• Dog friendly office

Sigma Computing is an equal opportunity employer. We are committed to building a smart and strong team regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We look forward to learning how your experience can enable all of us to grow.

Note: We have an in-office work environment in all our offices in SF, NYC, and London.

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology
• Software Development