Aumni – Sr. GRC Analyst – Senior Associate
Salt Lake City, UT, United States
JPMorgan Chase & Co.
Join Aumni and help revolutionize the venture capital industry! This role offers opportunities for career growth and skill development in a dynamic, forward-thinking company. Be part of our team and contribute to building the future of investment technology, while enjoying the benefits of a supportive and innovative work environment.
Job Summary:
As an analyst on Aumni’s GRC team, you will play a crucial role in ensuring the security and compliance of Aumni’s web application and customer data. You'll collaborate with various departments to maintain our Information Security Management System, assist with audits, support risk management and bolster Aumni’s security culture. Your contributions will directly impact the peace of mind and success of our customers and employees. Join us in our team’s mission to deliver stronger, smarter security solutions while fostering a supportive and collaborative team culture. If you don't have one of the required qualifications, don't let that deter you from applying.
Job responsibilities:
- Contribute to the governance of Aumni’s Information Security Management System (ISMS) to comply with SOC 2, ISO 27001 and legal requirements
- Facilitate external audit walkthroughs and evidence gathering
- Support risk management (identification, treatment & monitoring)
- Help manage our internally-developed, semi-automated scheduled security controls system
- Support and educate Aumni control owners in the completion and proper execution of controls
- Respond to Customer Security Questionnaires based on an acquired, thorough understanding of Aumni’s ISMS
- Propose ways to improve our information security and compliance programs
- Ensure recognition is given for security-conscious employees for our Security Ambassadors program
- Review third-parties for vendor security due diligence
Required qualification, capabilities and skills:
- 2+ years in a Technology GRC or IT Auditor role
- Familiarity with at least 1 information security framework (SOC 2, ISO 27001, NIST, etc.)
- A desire to continuously learn and thoroughly understand information security and technology concepts
- An understanding of the software development lifecycle
Preferred qualifications, capabilities and skills:
- Experience with the Big 4 (or similar)
- Intermediate to advanced Excel skills
- Security or IT Audit related certification (e.g., CISA, CISSP, CITP, CCSA)
- Basic coding/dev skills
- Basic understanding of Venture Capital
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, we offer discretionary incentive compensation which may be awarded in recognition of firm performance and individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase is an Equal Opportunity Employer, including Disability/Veterans
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Banking CISA CISSP Compliance Governance ISMS ISO 27001 Monitoring NIST Risk management SDLC SOC SOC 2
Perks/benefits: Career development Competitive pay Health care Startup environment Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Cloud Security Architect jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information System Security Officer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Threat intelligence-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs