Security GRC Analyst

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU.If you'd like to build the world's best AI cloud, join us.Note: This position requires presence in our San Francisco office location 4 days per week; Lambda’s designated work from home day is currently Tuesday.What You’ll DoValidate and verify Lambda’s security controls and practices meet the requirements of ISO 27001, 27701, 27017, PCI, SOC 2, GDPR/CCPA and other relevant regulatory requirements to ensure alignment to business objectivesAssist in the update and maintenance of Lambda’s IT Risk Register across the full risk lifecycle: identification, assessment, treatment, tracking, and periodic reviewAssist with and drive remediation of control deficiencies and gapsProvide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.)Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reportingAssist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirementsAssist control owners with root cause analysis and track risk management action plan progressCreate risk metrics for management regarding information security control maturity, compliance status, risks, performance and findingsYouHave a minimum of 5 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirementsHave a working proficiency with at least one enterprise GRC or TPRM platform: AuditBoard, Vanta, OneTrust, Whistic or equivalentHave familiarity with cloud security controls and compliance in AWS, GCP or Azure environmentsHave experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operationsDemonstrate the ability to take ownership of assigned program workstreams, execute against defined milestones, and proactively identify improvements to existing processes and controlsHold a Bachelor’s degrees in Information Security, Computer Science or a related field; equivalent professional experience taken into considerationNice to HaveExperience in the AI infrastructure, machine learning and/or computer hardware industryExperience with Security by Design and/or Privacy by Design principlesExperience with standard cyber controls frameworks, including CIS Controls v8, NIST Cyber Security Framework (CSF), NIST 800-53, NIST 800-171, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks.Broad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks and databasesCertified Information Systems Auditor (CISA)Certified Information Security Manager (CISM)Certified Information Systems Security Professional (CISSP)Certified in Risk and Information Systems Control (CRISC)Salary Range InformationThe annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description.About LambdaFounded in 2012, with 500+ employees, and growing fastOur investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent CoveWe have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOGOur values are publicly available: https://lambda.ai/careersWe offer generous cash & equity compensationHealth, dental, and vision coverage for you and your dependentsWellness and commuter stipends for select roles401k Plan with 2% company match (USA employees)Flexible paid time off plan that we all actually useA Final NoteYou do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills.Equal Opportunity EmployerLambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.Compensation Range: $131K - $175K