Sr. Governance Risk and Compliance Specialist
Why Red Canary
Red Canary was founded to make security for every business better by protecting organizations around the world from cyber threats. Our combination of market-defining technology, processes, and expertise, delivered using an innovative SaaS model, is preventing breaches every day.
Red Canary’s GRC team is chartered with protecting our customers by protecting Red Canary.
Why You Matter
At Red Canary, the protection of our customers and their data is of the utmost importance. Red Canary’s Governance, Risk & Compliance (GRC) team ensures that our people, platforms, and data remain secure from all forms of harm. As a Compliance Specialist, you will help ensure that our controls, policies, and procedures are designed and executed to deliver the best possible outcomes for Red Canary and our customers. The Senior Governance, Risk and Compliance (GRC) Specialist is responsible for day-to-day activities across the entire scope of Red Canary’s GRC programs.
Who You Are
You are an experienced GRC professional who:
- expertly identifies, articulates, and designs mitigating strategies around risks.
- can seamlessly context-shift between various compliance and regulatory frameworks, with solid experience with SOC 2 and ISO 27001, specifically.
- speaks the language of auditors, but can articulate modern technological paradigms (e.g., infrastructure-as-code, CI/CD).
- has outstanding written and verbal communication skills.
- understands the balance between policy and culture, and can ensure safety without impeding the creative whirlwind.
- can, with little direction, plan and manage multiple audit projects simultaneously.
- has experience, or interest, in applying automation to the collection and presentation of compliance data.
As a Sr. GRC Specialist you will:
- Lead all internal governance, risk and compliance activities.
- Work with business unit leads to improve guardrails to make compliance transparent, simple, and easy.
- Ensure that policies and controls are effective, while aligning them to company culture and all applicable compliance requirements.
- Schedule, prepare for, and lead annual SOC 2 Type II and ISO 27001 audit activities.
- Respond to customer, partner or vendor questionnaires in support of the sales team and contractual obligations.
- Build, maintain, and deliver security awareness training that is both relevant and instructive.
- Automate the collection and presentation of auditing data for internal and external consumption.
- Design and lead relevant and engaging Disaster Recovery, Business Continuity, and Incident Response exercises.
Location: Red Canary HQ is located in Denver, CO. This position can be based anywhere in the U.S.
Working at Red Canary
You will work with an exceptionally talented team that is solving problems facing every business. Additional benefits of working at Red Canary include:
- Exceptional healthcare and dental coverage including fully paid premiums
- Unlimited vacation
- 401k and flex-spending accounts
- Fitness budget
- Phone & internet reimbursement
Individuals seeking employment at Red Canary are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.