Senior Information Security GRC Analyst at Onna

Remote
Sorry, this job was removed at 7:19 a.m. (EST) on Tuesday, February 22, 2022

* This role can be on-site/hybrid remote in our North Carolina or New York offices, as well as fully remote from the US.

* You must have authorization to work in the location the position is posted.

We’re Onna: A passionate, hard-working team solving one of the biggest challenges facing today’s businesses — knowledge fragmentation. We’ve built the world’s first Knowledge Integration Platform to make enterprise knowledge more accessible, useful, and private. We help some of the world’s leading companies like Facebook, Slack, Electronic Arts, and Fitbit, to bring together fragmented knowledge from today’s most popular workplace applications. With our platform, teams can unify, protect, search, automate, and build on top of their organization’s proprietary knowledge, allowing them to leverage it in new and intuitive ways. 

As an Information Security GRC Analyst, your objective is to lead the day-to-day information security compliance, governance, and risk management functions, supporting a program that builds client trust in the organization and its products. The role includes managing audits and assessments, aligning cross-functional groups with security practices, improving the security posture of the organization, and defining and managing privacy and security standards in support of legal and regulatory compliance needs that aid in business growth. The candidate will be a member of the Information Security department and will report to the Director of Security. 

What You’ll Do

  • Implements a risk assessment framework, security controls, and a program that aligns to regulatory and business requirements, ensuring documented and sustainable compliance that advances company objectives.
  • Performs regular risk assessments, works with stakeholders by assisting with the selection of controls, monitors treatment, and prepares status reports.
  • Collaborates across the organization in reducing risk associated with vulnerabilities, works with groups on developing and reporting mitigation strategies, and ensures alignment with security controls/policy.
  • Aids Director of Security in building strong governance, communicating proper security practices, building awareness, and relating the impact of risk to the business. 
  • Oversees GRC platforms, artifact and evidence generation, and leads stakeholders through audit processes as well as continuously monitors controls, exceptions, risk, and testing.
  • Prepares, plans, runs, and supports information security audits (internally and with external auditors, aligning with company controls, ISO 27001, SOC2) and aligns with various cybersecurity frameworks (CIS, NIST) and regulations (GDPR, CCPA), as appropriate.
  • Assists with alignment of security and privacy controls to help drive privacy initiatives. 
  • Oversees GRC platform, supports inventory of controls and framework mappings, maintains and reports on risk register, and supports security policy and standards development process.
  • Communicates with prospective and current customers about security, risk, and compliance questions and assists in responses to RFI/RFP inquiries, surveys, and security assessment questionnaires, helps maintain security media packages for building customer trust, and maintains CAIQ surveys.

Who you are:

  • 5+ years' experience in information security and/or related functions (Governance, Risk and Compliance (GRC)), IT audit, or IS risk management.
  • Significant experience with ISO 27001 and SOC2 audits and ISO certification processes.
  • Familiarity with ISMS and security controls, particularly ISO 27000 series, CIS, and NIST.
  • Experience with auditing (preferably security control frameworks).
  • Working knowledge of privacy, compliance, and regulatory requirements, such as GDPR and international, federal, and state privacy laws.
  • Advanced knowledge of information security concepts and technical controls.
  • Former experience with governance, risk, and compliance management in a global environment.
  • Relevant industry certifications such as CISSP, GIAC, CISA, and CISM preferred.
  • Experience in cloud infrastructures such as GCP preferred.

Benefits we offer:

We've entered a new era of remote work, where our day-to-day is now virtual, and we're committed to adapting to embrace this change.

  • Competitive salary package 
  • 401(k) with matching contribution
  • Comprehensive medical, vision, and dental coverage
  • Flexible vacation and PTO policies
  • Flexible working time
  • Remote and semi-remote work opportunities
  • Monthly virtual fitness and well-being stipend 
  • Learning and development budget
  • Monthly virtual team Lunch-and-Learns and Happy Hours 
  • Birthday and anniversary celebration

About us, our product, and our funding:

We're Onna: A passionate, hard-working team solving one of the biggest challenges facing today's businesses — knowledge fragmentation. We've built the world's first Knowledge Integration Platform to make enterprise knowledge more accessible, useful, and private. We help some of the world's leading companies like Facebook, Slack, Electronic Arts, and Fitbit, to bring together fragmented knowledge from today's most popular workplace applications.
Our growing list of integrations features tools that are essential to our customers’ daily workflows like Slack, Zoom and Dropbox. Once connected to Onna, the potential use cases are limitless:
Information Governance, eDiscovery, Compliance, Knowledge Management, are just a few ways Onna can empower organizations and their employees. With our platform, teams can unify, protect, search, automate, and build on top of their organization's proprietary knowledge, allowing them to leverage it in new and intuitive ways.
We're a distributed team with locations in New York City, Barcelona, Raleigh-Durham, San Francisco, London & Toulouse, and many remote team members throughout the US. Onna is actively growing and we're thrilled to welcome new team members from across the world to a work environment that is collaborative, flexible, fast-paced, and lighthearted.
Onna aspires to be a place where people can bring their whole selves to work. We value empathy, grit, and balancing a sense of ownership of our work alongside appreciation for our teammates' accomplishments and effort. Your career growth is important, and we'll provide you with the tools, resources, and manager support to gain experience and further develop your skills.

In 2019, we closed an $11M Series A led by Dawn Capital with the participation of our integration partners Slack Fund and Dropbox, and in 2020 we closed a $27M Series B led by Atomico with participation from Glynn Capital, as well as follow-up investments from Dawn Capital, Nauta Capital, and Slack Fund. 

----

Onna is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. You must have authorization to work in the location the position is posted.

All of your information will be kept confidential according to EEO guidelines. To view our privacy policy, please visit here.


Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • JavaScript (Languages)
    • Python (Languages)
    • Angular (Frameworks)
    • Machine Learning (Frameworks)
    • Docker (Databases)
    • Kubernetes (Databases)
    • Google Analytics (Analytics)
    • Illustrator (Design)
    • InVision (Design)
    • Photoshop (Design)
    • Sketch (Design)
    • Figma (Design)
    • Canva (Design)
    • Asana (Management)
    • Clubhouse (Management)
    • GitHub (Management)
    • WordPress (CMS)
    • Contentstack (CMS)
    • Seismic (CMS)
    • Intercom (CRM)
    • Salesforce (CRM)
    • Pardot (Email)
    • SalesLoft (Email)
    • Pardot (Lead Gen)
    • ZoomInfo (Lead Gen)
    • LinkedIn Sales Navigator (Lead Gen)
    • LeadIQ (Lead Gen)

Location

202 Centre St, New York, NY 10013

An Insider's view of Onna

What’s the vibe like in the office?

Everyone in the office is super friendly and reachable. Collaboration and questions are always welcome, and not just because they have to be — our team genuinely wants to help each other succeed.

And now, we do all of this virtually!

Liz

Content Marketing Manager

What's the biggest problem your team is solving?

Unlocking our client's knowledge and tearing down data silos between their teams. We aim to help our customers build a mindset around what their knowledge means to their team and how they can leverage it to be smarter, leaner, and more productive. We ultimately provide a service that answers the question, "How can we make our data accessible?"

Eddie

Architect in Professional Services

How does the company support your career growth?

Working at Onna, I have the right team and tools in place for success when it comes to my career growth. Management does a great job providing clarity and giving me steps to succeed by having dedicated training that supports and encourages career growth. The leaders always make time to help out with growth.

Margarita

Account Executive

How do you empower your team to be more creative?

We empower our teams by trusting in them and giving them autonomy. Trusting in your employees to make the right decisions and putting them in positions to succeed is important in fostering great collaboration and a feeling of empowerment.

Darin

VP of Marketing

How does your team reward individual success?

Celebrating individual success, as well as our team wins, is an important part of our culture. From sending a note on our #kudos Slack channel to giving shout outs at our All-Hands meeting, our team takes the time to celebrate and highlight wins. Additionally, each Onner gets special rewards on their Onnaversary (anniversary) and birthday.

Mayda

Chief of Staff

What are Onna Perks + Benefits

Onna Benefits Overview

We’ve entered a new era of remote work, where our day-to-day is now virtual, and Onna is committed to adapting to embrace this change.

Culture

  • Volunteer in local community
  • Friends outside of work
  • Eat lunch together
  • Intracompany committees
  • DE&I & Leadership Committees
  • Daily sync
  • Open door policy
  • Team owned deliverables
  • Team based strategic planning
  • Group brainstorming sessions
  • Pair programming
  • Open office floor plan

Diversity

  • Dedicated Diversity/Inclusion Staff
  • Highly diverse management team
  • Unconscious bias training
  • Diversity manifesto
  • Diversity Employee Resource Groups
  • Hiring Practices that Promote Diversity

Health Insurance & Wellness Benefits

  • Flexible Spending Account (FSA)
  • Dental Benefits
  • Vision Benefits
  • Health Insurance Benefits
  • Wellness Programs
  • Team workouts
  • Mental Health Benefits

Retirement & Stock Options Benefits

  • 401(K)
  • 401(K) Matching
  • Company Equity
  • Performance Bonus

Child Care & Parental Leave Benefits

  • Generous Parental Leave
  • Flexible Work Schedule
  • Remote Work Program
  • Family Medical Leave
  • Company sponsored family events

Vacation & Time Off Benefits

  • Unlimited Vacation Policy
  • Generous PTO
  • Paid Volunteer Time
  • Sabbatical
  • Paid Holidays
  • Paid Sick Days

Perks & Discounts

  • Beer on Tap
  • Casual Dress
  • Commuter Benefits
  • Company Outings: Onna hosts company outings monthly.
  • Free Daily Meals: Employees get free lunch on Friday.
  • Game Room
  • Stocked Kitchen
  • Some Meals Provided
  • Happy Hours
  • Parking
  • Pet Friendly: Onna's pet policy is dog friendly daily.
  • Recreational Clubs
  • Relocation Assistance
  • Fitness Subsidies
  • Home Office Stipend for Remote Employees

Professional Development Benefits

  • Job Training & Conferences
  • Diversity Program
  • Lunch and learns
  • Cross functional training encouraged
  • Promote from within
  • Mentorship program
  • Continuing Education stipend
  • Time allotted for learning
  • Customized development tracks
  • Paid industry certifications
