Source Job

India

  • Design and implement a structured risk management program including risk taxonomy and scoring methodology.
  • Build and maintain the enterprise risk register as a living operational tool.
  • Leverage AI tools to monitor threat intelligence and accelerate risk analysis.

Risk Management GRC AI Security Compliance

20 jobs similar to Senior Risk Analyst

Jobs ranked by similarity.

US 4w PTO

  • Own and continuously mature the company risk register, designing AI-assisted workflows for real-time risk posture.
  • Lead external audit management (SOC 2 Type II) and automate evidence collection pipelines in Vanta.
  • Engineer the Trust and Assurance program for scale, including automated vendor risk intake and AI-assisted response generation.

ButterflyMX empowers people to open and manage doors & gates from a smartphone, with products installed in over 20,000 properties worldwide. As a distributed, primarily remote workforce, they seek intelligent, passionate, and collaborative individuals driven by shared commitment to excellence and innovation.

GRC Manager

Runway
US

  • Design and implement a comprehensive GRC framework addressing both traditional security controls and novel AI safety considerations.
  • Lead engagements with external auditors to obtain critical security certifications like SOC 2, ISO 27001/27701/42001, and FedRAMP.
  • Partner with AI research teams to develop and implement appropriate safeguards and controls for machine learning systems.

Runway builds AI to simulate the world through merging art and science, focusing on world models for progress in artificial intelligence. Our team consists of creative, open-minded, caring, and ambitious people determined to change the world, striving to continuously build impossible things.

$198,238–$233,221/yr
US

  • Own and manage the compliance program including SOC 2 and ISO 27001 readiness and audits.
  • Lead risk assessments, control testing, and enterprise risk management processes.
  • Partner with Engineering, Security, Product, Legal, HR, and Operations to embed compliance into business processes.

Calendly is a scheduling platform used by millions to automate meetings and streamline time management. They are a rapidly growing SaaS company fostering a culture of learning and high performance.

Global

  • Define and implement comprehensive risk strategies to mitigate fraud risks across the platform and user base.
  • Monitor and report on critical risk KPIs to maximize protection and minimize loss while optimizing cost efficiency.
  • Lead and manage the risk strategy team, driving organizational changes to support business growth and scalability.

Binance is a leading global blockchain ecosystem behind the world's largest cryptocurrency exchange by trading volume and registered users. Trusted by 300+ million people in 100+ countries, the company offers a diverse portfolio of digital-asset products and fosters a user-centric global organization with a flat structure.

US 24w maternity 24w paternity

  • Own the end-to-end GRC strategy and roadmap, driving compliance maturity and reducing audit risk.
  • Design and implement policy-as-code systems, translating compliance frameworks into enforceable code.
  • Lead full audit cycles, manage evidence collection, and architect GRC platform strategy for continuous compliance.

Smartsheet empowers teams to manage work and scale solutions, now uniting human teams with AI agents to automate tasks and uncover insights. With a history of over 20 years, the company fosters a culture of inclusion, creativity, and big thinking, offering professional growth and a supportive environment.

US

  • Develop and maintain the enterprise IT GRC strategy, framework, and roadmap, presenting updates to executive leadership.
  • Lead enterprise IT risk assessments, maintain risk registers, and oversee remediation efforts.
  • Ensure compliance with regulations like NIST, ISO 27001, SOC, PCI-DSS, HIPAA, GDPR, and SOX.

Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, the company supports data centers, healthcare, and industrial facilities where uptime is non-negotiable.

$110,100–$143,100/yr
North America

  • Defines program goals, governance frameworks, and measurable objectives for cyber risk and compliance programs.
  • Manages user attestations, third-party risk, cyber contract negotiation, and coordination of IT audits/assessments.
  • Implements GRC tooling and monitors program effectiveness through KPIs, QA reviews, and control testing.

Velera is a credit union service organization providing fintech solutions to over 4,000 financial institutions. The company fosters a remote-first, inclusive culture with a focus on employee wellbeing and belonging.

$51,840–$64,800/yr
Europe

  • Support the ISO 27001 program by maintaining audit readiness, running evidence collection, and managing access reviews.
  • Perform recurring security operations including vulnerability scanning, risk assessments, and vendor reviews.
  • Collaborate cross-functionally to harden identity and access management, respond to security questionnaires, and support AI governance initiatives.

Didomi is a consent management platform that helps companies manage user consent and data privacy. The company is a growing SaaS organization with a collaborative culture, emphasizing automation and efficiency.

$132,000–$165,000/yr
US Unlimited PTO

  • Manage and support compliance certifications including SOC 2, HITRUST, and ISO 27001 audits across the audit lifecycle.
  • Serve as the subject matter expert across the company on compliance frameworks and primary point of contact for external auditors.
  • Maintain the risk register, drive risk identification and reporting, and scale GRC function with AI and automation.

Garner transforms the healthcare economy by partnering with employers to redesign healthcare benefits using data-driven insights. It is a fast-growing healthcare technology company with a mission-driven team focused on making healthcare more affordable and high-quality.

$136,000–$169,000/yr
US

  • Manage security compliance programs against frameworks like PCI-DSS, NIST, and SOC 1/2, leveraging automation tools for continuous assessment.
  • Oversee identity and access management, including automated provisioning audits and anomaly detection.
  • Collaborate with engineering, DevOps, and product teams to integrate compliance into CI/CD and cloud infrastructure.

Prosper is a FinTech company focused on improving financial well-being. It is a growing company with a collaborative culture and offers resources for professional growth and holistic well-being.

US Unlimited PTO 16w maternity 16w paternity

  • Own the vision, strategy, and roadmap for Issue Management and Exception Management, positioning them as competitive differentiators for enterprise GRC deals.
  • Build exception management from the ground up, partnering with go-to-market teams to define MVP and ship capabilities that unlock deals.
  • Lead the agentic AI opportunity, building intelligent workflows that proactively surface compliance risks and reduce manual overhead.

Vanta helps businesses earn and prove trust through automated security and compliance monitoring. With a kind and talented team and offices in multiple global cities, Vanta is a growth-stage company committed to making security continuous and transparent.

Brazil

  • Design, implement, and maintain credit risk models and frameworks aligned with BACEN and IFRS 9 standards.
  • Monitor and manage retail credit exposures from origination to portfolio performance.
  • Develop and validate ML/AI-based models for PD, LGD, EAD, and behavioral scoring.

CloudWalk is building the future of payments, operating as a Type 3/Segment S3 financial institution in the payments and acquiring space. The company focuses on risk management and innovation, with a high-performing team that values data, automation, and AI.

Mexico

  • Manage program management for the Security organization, applying a single operating standard across all projects.
  • Own intake, triage, status reporting, capacity planning, and prioritization using AI-augmented systems.
  • Partner with security leadership, engineers, and the AI team to refine and drive AI-assisted program management.

JumpCloud is the AI-powered unified IT management platform designed to secure the modern workforce. The company is remote-first and fosters a culture of connection and innovation, with teams in 15+ countries.

UK

  • Lead end-to-end delivery of Professional Services projects, including planning, execution, governance, risk management, and closure.
  • Manage multiple concurrent customer engagements involving cybersecurity implementations, transformations, assessments, or optimisation services.
  • Build and maintain detailed project plans, status reporting, RAID logs, resource plans, and stakeholder communications.

Zscaler accelerates digital transformation to ensure customers can be more agile, efficient, resilient, and secure. The company is an AI-forward enterprise that builds high-performing teams with a culture of execution centered on customer obsession and collaboration.

$130,000–$145,000/yr
US Unlimited PTO 20w maternity 12w paternity

  • Support and scale the Assurance & Compliance function through an engineering-driven, automation-first approach.
  • Partner with Engineering, Security, Legal, and other teams to support compliance programs and audit readiness.
  • Help transform compliance into a continuous, measurable capability embedded into operations.

Flock builds technology that reduces crime and protects privacy, partnering with cities, businesses, schools, and neighborhoods. With over $1B in funding and an $8.3B valuation, the company is a high-performance team united by urgency, ownership, and a shared commitment to meaningful impact.

Canada Europe Unlimited PTO

  • Support active and upcoming audits including ISO 27001, SOC 2, PCI DSS, and HIPAA by coordinating evidence and working with control owners.
  • Conduct risk assessments, update risk registers, track remediation, and perform third-party risk management reviews.
  • Respond to customer and prospect security/compliance questions and improve repeatable processes and evidence quality.

Upsun is the cloud application platform for hybrid teams, enabling developers to build, ship, and scale confidently without managing backend infrastructure. The company has a remote, global workforce and fosters a multicultural, open, and inclusive culture with a focus on open source and innovation.

$147,800–$164,000/yr
Global 18w maternity 16w paternity

  • Serve as a primary compliance resource embedded in the Alma-to-Spring Health integration, mapping control environments and building a unified compliance organization.
  • Own and lead enterprise-level compliance programs including SOC 2 Type II, HITRUST, HIPAA, GDPR, ISO 27001, ISO 42001, and ITGC-SOX.
  • Develop and operationalize Spring Health's AI governance program, including policies, risk frameworks, and AI-specific compliance documentation.

Spring Health is a global mental health company on a mission to eliminate every barrier to mental health. With outcomes independently validated by JAMA Network Open, Spring Health reaches more than 170 million people worldwide through leading employers, health plans, and partners.

India Unlimited PTO

  • Own delivery for standard-framework GRC engagements including ISO 27001, SOC 2, GDPR, and PCI DSS.
  • Build and maintain reusable IP such as templates, control-mapping libraries, and AI-assisted playbooks.
  • Own commercial outcomes including pricing, utilization, margin, and delivery forecasting for your own engagement book.

Sprinto is an Autonomous Trust Platform that centralizes trust requirements across security frameworks, vendors, and customers. Backed by top-tier investors such as Accel, Elevation, and Blume Ventures, they have raised $31.8M in funding and are trusted by over 3,000 organizations across 75 countries, with a remote culture organized around problems rather than job titles.

Canada

  • Manage the full IT risk lifecycle, including risk registers, identification, assessment, mitigation, and reporting using Power BI dashboards.
  • Coordinate IT governance activities across cybersecurity, audit, compliance, and business teams to ensure alignment with enterprise risk standards.
  • Develop executive-level reports and support governance committees with structured presentations and risk insights.

Our partner is a large-scale enterprise operating in a regulated environment, focusing on IT governance, cybersecurity, and risk management. They foster a collaborative, cross-functional culture with a commitment to diversity and equal opportunity.

$122,500–$165,000/yr
US

  • Proactively identify and respond to emerging security threats and incidents.
  • Develop detection techniques and manage core security tooling such as SIEM and orchestration platforms.
  • Collaborate across teams to support security projects and participate in on-call rotations.

Circle is a leading internet financial platform company building infrastructure for digital assets, stablecoins, and blockchain. They have a flexible work environment with values of high integrity and multistakeholder collaboration.