Task Force Talent is seeking an Information Security (Cybersecurity) Governance, Risk, and Compliance (GRC) Analyst for a very well-funded Series C company working on data analytics for insider threat and supply chain security problems. Applicants MUST HAVE recent experience with ISO 27001; recent FedRAMP experience as well as GDPR and CCPA experience is a big plus. Applicants with prior startup experience will also have a significant advantage.
Core Responsibilities:
- Orchestrate GRC initiatives to bolster security across cloud ecosystems, SaaS offerings, and endpoint devices
- Design and implement a compliance framework aligned with corporate objectives, maintaining current certifications (e.g., ISO 27001) and pursuing new standards
- Guide internal readiness assessments for compliance audits and manage relationships with third-party certification bodies
- Oversee risk management for products, corporate IT, and external partnerships
- Pinpoint and address security gaps in infrastructure, products, and internal tools
- Perform security and intelligence risk evaluations for vendors and partners
- Oversee and update the company's security policy repository
- Support sales efforts by addressing technical security questionnaires
- Develop and maintain a comprehensive security awareness program covering data protection, insider risk, and regulatory requirements (such as GDPR and CCPA)

Required Qualifications:
- 5+ years of GRC experience in SaaS environments built on major cloud platforms (AWS, Azure, etc.)
- In-depth knowledge of ISO 27000 series, NIST 800 guidelines, and relevant data protection laws
- Proven track record in leading security projects and compliance initiatives
- Experience in securing third-party security certifications
- Proficiency in vendor risk management processes
- Familiarity with compliance automation tools

Desirable Skills:
- Experience with FedRAMP Moderate certification process
- ISO 27001 Internal Auditor certification
- Practical knowledge of GDPR and CCPA requirements
- Background in insider risk program management
- Adaptability to fast-paced, startup environments
- Understanding of application security principles

We have an extremely good relationship with this client and work directly with senior managers, including the CISO and CTO, who has started several companies and had multiple successful exits, including an IPO. We have placed quite a few engineers at this firm over the last year, and everyone we have placed is extremely happy. (Even those who did not get an offer were left with very positive impressions.)
The company is profitable and growing fast with approximately 150+ employees. The position is available in Tysons Corner, VA. The work environment is hybrid, typically 3 days/week in the office so people know each other, but those hours are flexible to accommodate family/childcare and traffic.
The benefits are great and include:
- Company Equity Options
- Unlimited PTO and Wellness Reimbursement
- U.S. Holidays
- Paid Parental Leave
- Comprehensive Insurance (Medical, Dental, and Vision)

This company is completely private sector, no security clearance required, but applicants should be clearance eligible and an existing clearance is a plus. As such, employment is open to U.S. citizens only at this time (no visa sponsorship.)
Not your dream job, but perfect for a friend? You can submit a referral and get a check for $2000 or more: https://www.taskforcetalent.com/referral/
(Terms and conditions apply.)
________________________________________________________________________________________________________________________________________
About us: Task Force Talent is a specialized recruiting firm for science, engineering, and security careers. Our clients include seed to Series C startups working on AI, cybersecurity, quantum computing, and other novel technologies. We also work with small to medium size government contractors, and we help leading venture capital firms find talent for their portfolio companies. We have hundreds of jobs available and consider all applicants for all roles, now and in the future. Our goal is to find the best fit for you!
If you don't see the perfect fit, simply use our general application at: https://taskforcetalent.breezy.hr/p/5bbc3c44433e-single-application-for-all-jobs-general
________________________________________________________________________________________________________________________________________
Qualifications:
- U.S. Citizen
- Recent experience with ISO (specifically ISO 27001) and knowledge about GDPR and CCPA
- Experience with FedRAMP
- Experience with SOC 2 Type 2 and risk management proficiency (general and vendor-specific)
- Experience with reputable assessment methodologies and implementing robust compliance programs (e.g., programs that secure third-party data, and vendor risk management assessments)
- Familiar with utilizing compliance automation software to the fullest
- Experience with directing research and implementation of compliance standards
- 5+ years experience; ideally more
________________________________________________________________________________________________________________________________________
Interview Process:
Task Force Talent will conduct initial interview(s). The company will then usually conduct a quick phone screen with HR, a more detailed on-site interview with the CISO, and then several interviews with various parts of the company before a final interview with the CTO.