Security GRC Analyst

Job Category: IT and Technology
Job Type: Full Time
Job Location: USA
Company Name: Sigma

Company Overview

Forget traditional Business Intelligence. Sigma offers a unique Cloud Analytics experience with a familiar spreadsheet interface, empowering everyone to explore vast datasets with incredible speed. Go beyond simply knowing what happened – uncover why and predict what will happen next.

About the Job: Shape Sigma’s Security Future

Sigma is seeking a proactive Security GRC Analyst to drive the evolution of our Security GRC initiatives through automation. Collaborating closely with the Security GRC Manager, you’ll play a key role in ensuring Sigma achieves its security and compliance objectives efficiently. If you’re a forward-thinking individual passionate about building innovative security tools, streamlining processes, and implementing GRC automations to minimize risk, we encourage you to apply!

What You’ll Do:

  • Automate and maintain security compliance processes and procedures.
  • Develop and update security policies, guidelines, processes, and procedures.
  • Lead Customer Trust Assurance efforts, empowering the Sales team for accelerated growth.
  • Manage customer security questionnaires and maintain GRC tools.
  • Conduct regular vendor risk assessments, identifying, evaluating, and prioritizing risks, and ensuring timely mitigation.
  • Maintain comprehensive documentation for all GRC activities, including risk registers, audit logs, and compliance reports.
  • Support internal and external audits by providing documentation, evidence, and responses.
  • Collaborate with HR, Legal, Sales, Operations, and Engineering to build robust GRC programs.
  • Stay informed about emerging security and privacy trends.

Who You Are:

  • 3+ years of experience in Security GRC, risk management, and/or compliance, preferably within a Cloud SaaS environment.
  • Relevant bachelor’s degree, equivalent experience, and/or relevant certifications (CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer).
  • Strong understanding of privacy and compliance frameworks (SOC 1/2, HIPAA, ISO 27001, CSA STAR, NIST, CCPA, GDPR, etc.).
  • Proven experience in third-party and customer risk assessments.
  • Demonstrated success in supporting various Security GRC programs.
  • Excellent interpersonal skills and the ability to collaborate effectively with diverse and distributed teams.
  • Practical understanding of network, system, application, SDLC, cybersecurity, and cloud security systems.
  • Exceptional organizational and time management skills with the ability to manage multiple priorities in a fast-paced environment.
  • Familiarity with IT security and compliance tools.
  • A proactive mindset focused on automation and efficiency.

Additional Job Details:

The annual base salary range for this role is $115,000 – $140,000. Total compensation may vary based on qualifications and experience and includes stock options and a comprehensive benefits package.

About Us:

Sigma is a pioneering cloud analytics and business intelligence platform that empowers business teams to move beyond dashboards and directly explore data at scale using an intuitive, spreadsheet-like interface. Leveraging the power of cloud data warehouses, Sigma enables instant analysis of vast datasets without requiring code. Our innovative platform includes collaboration tools, embedded analytics, and AI-powered features like forecasting, an AI copilot, and a notebook interface. With a recent $200M Series D funding, Sigma is poised for continued growth and innovation in the BI space. Join our dynamic team and help us transform how businesses use data!

Benefits:

  • Equity
  • Generous health benefits
  • Flexible time off
  • Paid parental leave
  • Traditional and Roth 401k
  • Commuter and FSA benefits
  • Lunch Program
  • Dog-friendly office

Sigma Computing is an equal opportunity employer committed to building a diverse and inclusive team. We encourage all qualified applicants to apply. Please note that our offices have an in-office work environment.
