{"schemaVersion":"jobsearcher.job.v1","id":"ac28f1656c0033ee60f4599d","url":"https://jobsearcher.com/jobs/ac28f1656c0033ee60f4599d","canonicalUrl":"https://jobsearcher.com/jobs/ac28f1656c0033ee60f4599d","title":"Senior Security GRC Analyst","description":"Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU.\nIf you'd like to build the world's best AI cloud, join us.\n\nNote: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda’s designated work from home day is currently Tuesday.\n\nWhat You’ll Do\nValidate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives\nManage IT Risk Register including risk identification, tracking, and prioritization.\nAssist with and drive remediation of control deficiencies and gaps\nProvide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.)\nCommunicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting\nAssist with the Customer Trust program which may include managing customer assessments, and security questionnaires\nAssist control owners with root cause analysis and track risk management action plan progress.\nCreate risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings\nAssist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements\nYou\nHave a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements\nHave experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks\nHave experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations\nPossess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives\nNice to Have\nExperience in the machine learning or computer hardware industry\nExperience with Security by Design and/or Privacy by Design principles\nExperience with standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework (CSF), NIST 800.53, NIST 800.171, CMMC, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks.\nBroad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems\nFamiliarity with using third-party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third-party risk management\nCertified Information Systems Auditor (CISA)\nCertified Information Security Manager (CISM)\nCertified Information Systems Security Professional (CISSP)\nCertified in Risk and Information Systems Control (CRISC)\nExperience in the AI infrastructure, machine learning and/or computer hardware industry\nSalary Range Information\nThe annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description.\n\nAbout Lambda\nFounded in 2012, with 500+ employees, and growing fast\nOur investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove\nWe have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG\nOur values are publicly available: https://lambda.ai/careers\nWe offer generous cash & equity compensation\nHealth, dental, and vision coverage for you and your dependents\nWellness and commuter stipends for select roles\n401k Plan with 2% company match (USA employees)\nFlexible paid time off plan that we all actually use\nA Final Note:\nYou do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills.\nEqual Opportunity Employer\nLambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.\nCompensation Range: $154K - $200K","company":"Lambda","rawCompany":"lambda","city":"San Jose","state":"CA","isRemote":false,"isActive":false,"createdAt":"2026-04-12T17:22:55.116Z","occupations":[{"code":"15-1212.00","title":"Information Security Analysts","slug":"information-security-analysts"},{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"},{"code":"13-1199.07","title":"Security Management Specialists","slug":"security-management-specialists"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"541519","title":"Other Computer Related Services","slug":"other-computer-related-services"},{"code":"541511","title":"Custom Computer Programming Services","slug":"custom-computer-programming-services"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"Senior Security GRC Analyst","description":"Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU.\nIf you'd like to build the world's best AI cloud, join us.\n\nNote: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda’s designated work from home day is currently Tuesday.\n\nWhat You’ll Do\nValidate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives\nManage IT Risk Register including risk identification, tracking, and prioritization.\nAssist with and drive remediation of control deficiencies and gaps\nProvide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.)\nCommunicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting\nAssist with the Customer Trust program which may include managing customer assessments, and security questionnaires\nAssist control owners with root cause analysis and track risk management action plan progress.\nCreate risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings\nAssist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements\nYou\nHave a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements\nHave experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks\nHave experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations\nPossess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives\nNice to Have\nExperience in the machine learning or computer hardware industry\nExperience with Security by Design and/or Privacy by Design principles\nExperience with standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework (CSF), NIST 800.53, NIST 800.171, CMMC, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks.\nBroad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems\nFamiliarity with using third-party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third-party risk management\nCertified Information Systems Auditor (CISA)\nCertified Information Security Manager (CISM)\nCertified Information Systems Security Professional (CISSP)\nCertified in Risk and Information Systems Control (CRISC)\nExperience in the AI infrastructure, machine learning and/or computer hardware industry\nSalary Range Information\nThe annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description.\n\nAbout Lambda\nFounded in 2012, with 500+ employees, and growing fast\nOur investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove\nWe have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG\nOur values are publicly available: https://lambda.ai/careers\nWe offer generous cash & equity compensation\nHealth, dental, and vision coverage for you and your dependents\nWellness and commuter stipends for select roles\n401k Plan with 2% company match (USA employees)\nFlexible paid time off plan that we all actually use\nA Final Note:\nYou do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills.\nEqual Opportunity Employer\nLambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.\nCompensation Range: $154K - $200K","datePosted":"2026-04-12T17:22:55.116Z","dateModified":"2026-04-12T17:22:55.116Z","hiringOrganization":{"@type":"Organization","name":"Lambda","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"San Jose","addressRegion":"CA","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"ac28f1656c0033ee60f4599d"},"url":"https://jobsearcher.com/jobs/ac28f1656c0033ee60f4599d"}}