Risk and Compliance Analyst @ Veritone

Risk and Compliance Analyst

Posted on 2/17/2023

INACTIVE

501-1,000 employees

Enterprise AI solutions platform

Company Overview

Veritone's mission is to democratize artificial intelligence and build a safer, more vibrant, transparent, and empowered society. The company is determined to invent new ways to enhance creativity and productivity like never before by investing in the unrealized potential of AI to unlock the future that once existed only in dreams.

Locations

Remote in USA

Experience Level

Entry

Junior

Mid

Senior

Expert

Desired Skills

Atlassian

Management

Communications

CategoriesNew

Legal & Compliance

Requirements

5+ years of related work experience building or operating programs to mitigate risks around security, confidentiality, integrity, availability, and privacy. Preferred prior experience in Information Security, Governance Risk or Compliance, or relevant Audit / Assessments functions
A proven track record in a security / operational risk management team with direct experience in conducting and analyzing security risk assessments
Extensive experience with maintaining information security framework programs, including related regulatory compliance requirements, such as FedRAMP, ISO 27001 / ISO 27002, SOC 2, GDPR, NIST Cyber Security Framework (CSF) / 800-53, CIS Critical Security Controls
Strong knowledge of audit and risk management methodologies, such as SOX, COBIT, NIST RMF / 800-37 / 800-30, FAIR
Proficient with Atlassian products, G-Suite applications, and GRC tools, such as ZenGRC / ServiceNow / MetricStream
Able to communicate security and risk-related concepts to both technical and non-technical audiences (in business terms)
Ability to collaborate across interdisciplinary teams to achieve tactical and strategic goals; an innovative teammate, problem solver, and consultant
Ability to evangelize IT security to make it a critical part of business operations; build trust and respect for the security function
Excellent written and verbal communication, interpersonal and collaborative skills
Ability to effectively prioritize and execute tasks in high-pressure situations
Understanding of cloud, SaaS, and IoT architectures, and their implications on information security strategy

Responsibilities

Build, drive and contribute to security and compliance tasking to facilitate continuous improvement and ensure alignment with the overall governance, risk management, and compliance strategy
Lead risk mitigation or risk acceptance conversations and help stakeholders reach a common understanding of the risks and tradeoffs, and a defined plan to either mitigate or accept the risk(s)
Develop and/or deliver regular risk metrics and reporting to GRC Management and VSEC / Staff leadership and management committees such as the Security Committee or Board Risk Committee
Build and maintain strong cross-functional relationships across the organization to help with expectation setting, training and awareness, and promote consistency and improvement in our processes
Assist with the implementation and operation of Governance Risk and Compliance (GRC) tooling to further improve and automate our risk management processes
Advise and collaborate with SMEs, including Audit & Compliance teams, to ensure adequate security controls are in place to manage risk and are aligned with leading best practices
Help support various parts of the company to adopt a common risk management process, this may include joining other Security GRC projects (e.g., Third Party Risk Management, M&A Due Diligence, Risk & Compliance Assessments) or other projects adjacent to our Security GRC program objectives
Keep up with relevant regulation, emerging threats, forecasts, policies and best practices, and maintain a mindset of constant innovation to consider possibilities in advancing our risk management framework

Desired Qualifications

Bachelor of Science Degree in Engineering Technology, Computer Science, or equivalent
Relevant professional certifications in Information Security or Governance Risk Compliance Management is a plus, such as CISA, CISM, CRISC, CGEIT, CSX-P, CISSP, CCSK

WE ARE VERITONE

We are driven by the belief that Artificial Intelligence is mankind’s greatest invention. It is the key to building a safer, more vibrant, transparent, and empowered society. We are determined to be an active contributor to shaping our future for the better. We care about the ethical implications of AI and the prosperity and well-being of all individuals, as well as the growth and continued successes of our employees, customers, and partners.

Veritone’s mission today is more important than ever. We’re here to democratize AI and enable every organization and every person with the power of AI. What started in 2014 with the idea of providing unified access to hundreds of cognitive engines through one common software infrastructure, evolved to the world’s first AI operating system, aiWARE, which orchestrates a diverse ecosystem of cognitive engines to power intelligent automation for both commercial and government organizations. As we progress, we will continue to move humans from “in” to “on” to “out of the loop” to help them accelerate workflows, save time and costs, and uncover new insights and opportunities.

WHAT YOU’LL DO

Build, drive and contribute to security and compliance tasking to facilitate continuous improvement and ensure alignment with the overall governance, risk management, and compliance strategy
Lead risk mitigation or risk acceptance conversations and help stakeholders reach a common understanding of the risks and tradeoffs, and a defined plan to either mitigate or accept the risk(s)
Develop and/or deliver regular risk metrics and reporting to GRC Management and VSEC / Staff leadership and management committees such as the Security Committee or Board Risk Committee
Build and maintain strong cross-functional relationships across the organization to help with expectation setting, training and awareness, and promote consistency and improvement in our processes
Assist with the implementation and operation of Governance Risk and Compliance (GRC) tooling to further improve and automate our risk management processes
Advise and collaborate with SMEs, including Audit & Compliance teams, to ensure adequate security controls are in place to manage risk and are aligned with leading best practices
Help support various parts of the company to adopt a common risk management process, this may include joining other Security GRC projects (e.g., Third Party Risk Management, M&A Due Diligence, Risk & Compliance Assessments) or other projects adjacent to our Security GRC program objectives
Keep up with relevant regulation, emerging threats, forecasts, policies and best practices, and maintain a mindset of constant innovation to consider possibilities in advancing our risk management framework

WHAT YOU’LL NEED

5+ years of related work experience building or operating programs to mitigate risks around security, confidentiality, integrity, availability, and privacy. Preferred prior experience in Information Security, Governance Risk or Compliance, or relevant Audit / Assessments functions
A proven track record in a security / operational risk management team with direct experience in conducting and analyzing security risk assessments
Extensive experience with maintaining information security framework programs, including related regulatory compliance requirements, such as FedRAMP, ISO 27001 / ISO 27002, SOC 2, GDPR, NIST Cyber Security Framework (CSF) / 800-53, CIS Critical Security Controls
Strong knowledge of audit and risk management methodologies, such as SOX, COBIT, NIST RMF / 800-37 / 800-30, FAIR
Proficient with Atlassian products, G-Suite applications, and GRC tools, such as ZenGRC / ServiceNow / MetricStream
Able to communicate security and risk-related concepts to both technical and non-technical audiences (in business terms)
Ability to collaborate across interdisciplinary teams to achieve tactical and strategic goals; an innovative teammate, problem solver, and consultant.
Ability to evangelize IT security to make it a critical part of business operations; build trust and respect for the security function
Excellent written and verbal communication, interpersonal and collaborative skills.
Ability to effectively prioritize and execute tasks in high-pressure situations.
Understanding of cloud, SaaS, and IoT architectures, and their implications on information security strategy

BONUS POINTS IF

Bachelor of Science Degree in Engineering Technology, Computer Science, or equivalent
Relevant professional certifications in Information Security or Governance Risk Compliance Management is a plus, such as CISA, CISM, CRISC, CGEIT, CSX-P, CISSP, CCSK

WHAT WE OFFER

A competitive compensation package.
Stock Options.
Flexible Time Off.
Quality benefits: medical, dental, vision, 401K.
An opportunity to be a part of the next big thing in artificial intelligence!

OUR CULTURE

Loves learning & continuous growth; stays current on marketing trends
Can juggle multiple projects, priorities, and deadlines with a positive attitude
Comfortable in a fast-paced, small company environment
Collaborative and always contributing value
Driven to win as a team
Remote first workplace
Check us out! https://vimeo.com/339909527

Veritone is a leading provider of artificial intelligence (AI) technology and solutions. The company’s proprietary operating system, aiWARE, orchestrates an expanding ecosystem of machine learning models to transform audio, video and other data sources into actionable intelligence. We love to continuously grow while staying ahead of trends and creating structure in an unstructured world.

If you’ve made it this far and align with our goals, we look forward to reviewing your qualifications!

DISCLOSURE

Our company provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.

(Colorado & California Only*): Minimum annual salary of $85,000.00. This base pay is for illustrative purposes only and will be determined based on skills and experience comparable to the job requirements. This position may be eligible for additional compensation and benefits including but not limited to: incentive compensation; health benefits; retirement benefits; life insurance; paid time off; parental leave and benefits; and other employee perks and benefits.

*Note: Disclosure as required by sb19-085 (8-5-20) of the minimum salary compensation for this role when being hired in Colorado.