Our security team defends the products, data and systems that power Chainalysis. We are committed to building a diverse team of builders, breakers and shapers to address complex security problems in a novel, exciting space.
A Senior GRC Analyst is proficient at taking in the inner workings of Chainalysis and harmonizing them with complex risk, governance, and compliance policies. They do this to both create a more secure and compliant environment for our teams and to build trusting relationships with our customers. As a security advocate, you are never satisfied with the status quo and are constantly hunting for threats to an organization.
In one year you’ll know you were successful if…
- You will have led the efforts to help:
- Operationalized various GRC capability areas such as enterprise security risk management, compliance management, and policy management
- Partner with a growing sales team by contributing to the development of customer-facing materials covering topics related to security, privacy, and compliance features of our products and services.
- Led the development and delivery of a comprehensive Vendor Risk Management program.
- Assisted with internal and external audit and risk assessments (eg. SOC2, GDPR, ISO27001)
- Lead or assisted with the remediation of risk assessment findings
A background like this helps:
- Previously held relevant security or related role(s)
- Experience with Software-as-a-Service or cloud service providers industry challenges
- Foundational knowledge of IT Audit/compliance process and activities
- Foundational knowledge of technical risk analysis and methodologies
- Experience working in a regulated environment enforcing policies and procedures
- Possesses the ability to drive projects to conclusion, while collaborating with a diverse group of professionals from both technical and non-technical backgrounds.
- Able to collect, synthesize, and analyze data from multiple outputs, including computer log sources to draw valid conclusions.
- Strong interpersonal skills and ability to work effectively with diverse and distributed teams
- SOC2, ISO27001, PCI, HITRUST, FEDRAMP and GDPR experience are all big pluses
- Verbal communication and presentation skills.
- Self-motivated with good time management skills
At Chainalysis, we help government agencies, cryptocurrency businesses, and financial institutions track and investigate illicit activity on the blockchain, allowing them to engage confidently with cryptocurrency. We take care of our people with great benefits, professional development opportunities, and fun.
You belong here.
At Chainalysis, we believe that diversity of experience and thought makes us stronger. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. Some of the ways we’re ensuring we keep learning are an internal Diversity Committee, Days of Reflection throughout the year including International Women’s Day, Juneteenth, Harvey Milk Day, and International Migrant’s Day, and a commitment to continue revisiting and reevaluating our diversity culture.
We encourage applicants across any race, ethnicity, gender/gender expression, age, religion, ability, experience and more. Additionally, if you need any accommodations to make our interview process more accessible to you due to a disability, don't hesitate to let us know. You can learn more here. We can’t wait to meet you.
Applying from the EU? Please review our Candidate GDPR Notice.
By submitting this application, I consent to and authorize Chainalysis to contact my former employers, and any and all other persons and organizations for information bearing upon my qualifications for employment. I further authorize the listed employers, schools and personal references to give Chainalysis (without further notice to me) any and all information about my previous employment and education, along with other pertinent information they may have, and hereby waive any actions which I may have against either party(ies) for providing a reference. I understand any future employment will be contingent on the Company receiving satisfactory employment references.