Avatar for DISCO
DISCO
Actively Hiring
Speeding up review times, improving accuracy with advanced AI, and securing your data
  • B2B
  • Public Stage
    Publicly traded company
  • Top Investors
    This company has received a significant amount of investment from top investors
  • +1

Senior Information Security GRC Analyst

Posted: 2 weeks ago• Recruiter recently active
Visa Sponsorship

Not Available

RelocationAllowed

About the job

PROFILE SUMMARY

The Information Security GRC Analyst supports the security governance and risk and compliance programs. They perform reviews, assessments, and audits, conduct research, and facilitate communication to internal and external stakeholders where necessary. They monitor, coordinate, and implement documentation to support security, compliance, and audit requirements. They ensure compliance with our audit obligations and drive continual improvement in our risk and cyber-security posture.

KEY ACCOUNTABILITIES

Information Security Compliance Program: Supports the information security programs including risk management and compliance testing. Coordinates security risk assessment activities and security compliance audits. Contributes to security audit procedures relevant to SOC 2 & ISO 27001. Improves and operationalizes vendor security and compliance programs.

Compliance and Audits: Improves existing compliance programs and processes. Designs and executes audit procedures to assess and measure company compliance with its security policies and procedures. Participates in compliance testing and monitoring of regulatory obligations, and other regulatory matters as required. Assists in responding to 3rd party assessments; maintains a library of security and compliance documentation.

Reporting and Documentation: Collects, analyzes, and prepares reports required for senior management, regulators, and other relevant stakeholders. Works closely with internal stakeholders on resolution of risk and compliance issues. Documents, investigates, and reports cybersecurity compliance issues and incidents. Supports activities related to contingency planning, business continuity management, and IT disaster recovery. Maintains and improves information security policies.

EXPERIENCE

  • 5+ years of experience in security operations, risk or compliance management
  • 1+ years of IT or other relevant technical experience
  • Significant knowledge and experience with ISO 27001 and SOC2
  • Experience coordinating tasks to complete third party assessments
  • Experience writing clear and concise policies, procedures, or controls in one or more standards/frameworks

SPECIALIZED KNOWLEDGE or SKILLS

  • Key 3-5 specific skills or knowledge required to be able to fulfill the job requirements.
  • Knowledge of computer networking concepts and protocols and network security methodologies
  • Knowledge of risk management processes
  • Knowledge of cyber threats and vulnerabilities
  • Ability to advance multiple projects concurrently
  • Excellent oral and written communication skills, with the ability to clarify complex topics to both technical and non-technical audiences

Other preferred experience for the position

  • Experience securing the public cloud (AWS, GCP, Azure)
  • Experience responding to third-party risk management questionnaires from client and customer organizations

Perks of DISCO

  • Open, inclusive, and fun environment
  • Benefits, including medical, dental and vision insurance, as well as 401(k)
  • Competitive salary plus RSUs
  • Flexible PTO
  • Opportunity to be a part of a company that is revolutionizing the legal industry
  • Growth opportunities throughout the company

About DISCO

DISCO provides a cloud-native, artificial intelligence-powered legal solution that simplifies ediscovery, legal document review and case management for enterprises, law firms, legal services providers and governments. Our scalable, integrated solution enables legal departments to easily collect, process and review enterprise data that is relevant or potentially relevant to legal matters.

Are you ready to help us fulfill our mission to use technology to strengthen the rule of law? Join us!

We are an equal opportunity employer and value diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

About the company

DISCO company logo

DISCO

Actively Hiring
Speeding up review times, improving accuracy with advanced AI, and securing your data201-500 Employees
  • B2B
  • Public Stage
    Publicly traded company
  • Top Investors
    This company has received a significant amount of investment from top investors
  • 4.1
    Work / Life Balance
    Employees rate DISCO 4.1/5 on Glassdoor for work / life balance
Learn more about DISCO image

Funding

AMOUNT RAISED
$133.6M
FUNDED OVER
5 rounds
Rounds
E
$83,000,000
Series E - Jan 2019+4

Perks

Medical, dental, vision
401k
Parental leave
All employees get equity
Flexible PTO
Take leave when you need to without waiting for it to accrue.
Free lunch, snacks, beverages every day
Free gym and showers
We even have yoga classes each week.
Monthly all hands for a transparent view of DISCO
DISCO Cares
Give back to our community with regular service projects with cross-functional teammates.

Founders

Kiwi Camara
Founder • 3 years
Houston
image
View the team image