Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience.
Our mission is simple: End Cyber Risk. We’re looking for a Lead Governance, Risk, and Compliance Analyst to be part of making this happen.
The Lead Governance, Risk, & Compliance Analyst works with cross-functional stakeholders to understand the business and the risks and compliance needs of the organization to establish and maintain governance, risk and compliance processes. This role excels in organizing, planning and delivering results and relishes working with others to achieve critical security outcomes. This role champions the customer’s right to privacy and security and build in those requirements into product offerings & services as well as day-to-day business processes.
Responsibilities:
- Collaborate with multiple organizational stakeholders to drive development, maintenance and adoption of internal security & privacy policies, standards, procedures/guidance that allow Arctic Wolf to comply with multiple security/privacy frameworks, contractual obligations and regulatory requirements.
- Facilitate security and privacy policy & standards lifecycle management.
- Ensure security & privacy policies and standards are communicated to appropriate audiences and accounted for in Standard Operating Procedures.
- Lead and support Arctic Wolf’s internal and external audit/assessment activities
- Lead and support Arctic Wolf’s internal Risk and Compliance program execution to identify and drive remediation of Security & Privacy risks/findings.
- On an as-needed basis, provide advisory services to other teams on applicability and implementing/maintaining compliance with the Privacy and Security policies and standards through the course of their business operations.
- Administer and operate GRC toolset to automate processes and programs to gain efficiencies.
- Provide Program level metrics & reporting for consumption by Senior & Executive management.
Skills and Requirements:
- An ideal candidate will have strong skills in one of the following, and good skills in the third: GRC, Security, Systems Architecture
- 5+ years of overall technical security experience in a GRC lead/program management capacity (at least 2 of those years must be in a GRC Lead role) and/or Software/IT/Security/Compliance Architect and/or Principal Software Engineer and/or Security Program Manager – preference for experience in a technology/SaaS company.
- Strong program management skills to ensure accountability and results
- Ability to understand, track, and explain complex projects and programs run by other teams to relevant stakeholders, and to apply security & privacy frameworks & standards.
- Ability to put into practice security & privacy frameworks & standards such as ISO 27001, SOC2, GDPR, IRAP, FedRAMP, StateRAMP, CMMC, PCI DSS and HIPAA.
- Excellent written and verbal communication skills, especially translating between business (Engineering, Architecture, Legal, IT, Sales Engineering, Sales, Finance, Marketing, Security) and GRC/technical terminology.
- Ability to work under pressure with multiple stakeholders.
Preferred Qualifications:
- A Bachelor’s Degree in Computer Science, Information Systems, Engineering, or related technical field; or equivalent experience.
- Certifications such as CRISC, CISA, CISSP, CISM, etc. are considered preferentially.
About Arctic Wolf:
At Arctic Wolf we’re cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow globally. We’ve been named one of the 50 Most Innovative Companies in the world for 2022 (Fast Company)—and the 2nd Most Innovative Security Company. This is in addition to consecutive awards from Top Workplace USA (2021, 2022), Best Places to Work - USA (2021, 2022) and Great Place to Work - Canada (2021, 2022).
Our Values
Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that—by protecting people’s and organizations’ sensitive data and seeking to end cyber risk— we get to work in an industry that is fundamental to the greater good.
We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here.
We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities.
All wolves receive compelling compensation and benefits packages, including:
- Equity for all employees
- Bonus or commission pay based on role
- Flexible time off, paid volunteer days and paid parental leave
- 401k match
- Medical, Dental, and Vision insurance
- Health Savings and Flexible Spending Agreement
- Voluntary Legal Insurance
- Training and career development programs
Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing [email protected].
Security Requirements:
- Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies).
- Background checks are required for this position.
- This position may require access to information protected under U.S. export control laws and regulations, including the Export Administration Regulations (“EAR”). Please note that, if applicable, an offer for employment will be conditioned on authorization to receive software or technology controlled under these U.S. export control laws and regulations.