Senior GRC Analyst
Quantexa
New York, new york
Job Details
Not Specified
Full Job Description
What we’re all about.
We find, when we come together in the pursuit of excellence, great things happen. And that’s how we do things at Quantexa – together. Our business is data, but our culture is collective. We’re about growth – but not just the bottom line. We create a culture where people feel empowered to do their best work. We might work across continents and time zones, but that doesn’t stop us from collaborating. We’re connected. We celebrate our successes together, and we unite to tackle the challenges. 41% of our colleagues come from an ethnic or religious minority background. We speak over 20 languages across our 47 nationalities, creating a sense of belonging for all.
At Q, we’re looking for people who share that vision. People like you.
Requirements
What you’ll be doing
Ensure Regulatory Compliance:
o Align Quantexa's practices with global regulatory standards and accreditations, such NIST (SP 800-53, SP 800-171), CMMC 2.0, (AICPA) SOC 2 (All trust principles), and ISO/IEC 27001 (2022) with an emphasis on US Government requirements.
o Demonstrate an understanding of Artificial Intelligence (AI) principles, particularly their application within software development
Monitor Regulatory Changes:
o Stay updated on evolving regulations, refining frameworks and controls to maintain ongoing compliance across federal and commercial standards.
Validate Security Controls:
o Validate and implement security controls required by US Federal agencies, ensuring they meet stringent compliance and operational expectations.
Maintain Security Certifications:
o Assist and oversee the maintenance of commercial security certifications, such as SOC 2 Type II and ISO/IEC 27001:2022, ensuring continuous alignment with best practices.
Coordinate with Assessors:
o Collaborate with government and non-government auditors, as well as third-party assessors, to facilitate audits and ensure Quantexa meets all necessary requirements.
Develop and Maintain Policies:
o Assist in the development and periodic review of policies, standards, and procedures to satisfy both federal and commercial security requirements.
o Assess and assist in the development of cybersecurity plans and procedures to ensure compliance with FAR and DFARS.
Advise on Security for Government Proposals:
o Review security documentation for government contract proposals, advising on technical solutions to meet federal and regulated sector security requirements, including data security and confidentiality.
Conduct Risk Assessments:
o Perform regular risk assessments to identify gaps in security controls and compliance, working with cross-functional teams to strengthen data protection and security practices.
Maintain Compliance Records:
o Keep detailed records of compliance activities, risk assessments, and audit outcomes. Deliver reports to security leadership and track updates to policies for audit readiness.
Collaborate Across Teams:
o Partner with IT, legal, and compliance teams to align on priorities, translating regulatory requirements into actionable insights and security controls. Act as a technical advisor on US Government regulations.
Promote Knowledge Sharing:
o Foster a culture of collaboration by sharing best practices, lessons learned, and key insights from audits, projects, and risk assessments across the organisation.
Align Knowledge Practices:
o Ensure knowledge-sharing practices support organisational goals, regulatory needs, and industry best practices, particularly within compliance-driven environments like Quantexa's.
What you’ll bring
Educational Background:
o A bachelor’s degree in a relevant field (e.g., Information Security, Computer Science, or a related discipline)
Governance, Risk, and Compliance Experience:
o At least 5+ years of proven work experience in Governance, Risk, and Compliance (GRC), particularly in highly regulated industries such as government or healthcare, with expertise in navigating complex regulatory requirements.
o Proven experience in developing policies and processes to ensure compliance with FAR and DFARS including 52.204-21 and 252.204-7012.
o Working knowledge of FAR and DFARS (preferably with experience working in a software development.
Strong Organisational Skills:
o Proficient in balancing multiple priorities and managing competing demands. Demonstrates a strong focus on meeting critical deadlines while ensuring the delivery of high-quality results in a proactive and organised manner.
Cross-Functional Communication:
o Exceptional communication skills to engage effectively with diverse teams, fostering collaboration and ensuring alignment across functions.
Audit and Compliance Management:
o Proven expertise in managing the end-to-end audit process with a focus on organised operational efficiency, streamlining activities where possible to achieve optimal results.
Strategic Problem-Solving:
o Strong ability to analyse complex risks and compliance challenges in dynamic environments and develop practical, effective solutions.
Commitment to Continuous Improvement:
o A forward-thinking approach to driving the evolution of Quantexa’s GRC practices, ensuring they remain relevant and effective in an ever-changing regulatory landscape.
Positive Team Presence:
o An approachable, proactive and engaging personality that fosters a collaborative and inclusive environment. Demonstrates enthusiasm and builds strong relationships with colleagues at all levels, promoting a culture of open communication, motivation, and teamwork.
Benefits
Our perks and quirks.
What makes you Q will help you to realize your full potential, flourish and enjoy what you do, while being recognized and rewarded with our broad range of benefits.
- A Competitive salary range of 130-183k (subject to experience, level and location)
- Company bonus
- 401(k) match up to 5%
- Competitive PTO Allowance + Paid US Federal Holidays + Your Birthday Off!
- Medical, Dental, and Vision coverage
- Short-term and Long-term Disability, Life, and AD&D insurance
- Access to One Medical - primary care practice that offers 24/7 on-demand virtual care
- Access to Teladoc - on-demand healthcare via phone or video
- Access to Health Advocate - the nation’s leading healthcare advocacy and assistance company
- Access to Calm App Subscription - the #1 app for meditation, relaxation, and sleep
- Access to Talk Space - the #1 rated, HIPAA-compliant app for online counselling and therapy services
- Continuous Training and Development, including access to Udemy Business
- Company-wide socials
Our mission.
We have one mission. To help businesses grow. To make data easier. And to make the world a better place. We’re not a start-up. Not anymore. But we’ve not been around that long either. What we are is a collection of bright, passionate minds harnessing complexities and helping our clients and their communities. One culture, made of many. Heading in one direction – the future.
It’s all about you.
It’s important to us that you feel welcome, valued and respected. After all, it’s your individuality and passion for what you do that will make you Q. We see that – which is why we’re proud to be an Equal Opportunity Employer. We’ve created and will continue to improve our inclusive and diverse work environment. Regardless of your race, beliefs, color, national origin, gender, sexual orientation, age, marital status, neurodiversity or ableness – whoever you are – if you are a passionate, curious and caring human being who wants to push the boundaries of what’s possible, then we want to hear from you.
start. don’t stop – Apply