Senior Governance Risk and Compliance – GRC – Analyst
| Company | Headway |
|---|---|
| Location | Seattle, WA, USA, San Francisco, CA, USA, Remote in USA, New York, NY, USA |
| Salary | $163200 – $192000 |
| Type | Full-Time |
| Degrees | |
| Experience Level | Senior |
Requirements
- 5+ years experience alongside security and/or software engineering roles in startup or growth stage teams with a demonstrated history of delivering on governance, risk, and compliance goals.
- Strong cross-functional experience.
- Strong technical depth and breadth in secure product platforms.
- Ability to tackle ambiguous problems in a fast-paced environment.
- Desire to lead the industry in implementing the latest security and privacy technologies.
- Results driven with a focus on creating impact and driving results for Headway’s business.
- Motivated by Headway’s mission to increase access to high quality mental health care.
Responsibilities
- Building + maintaining a Common Controls Framework – align and continuously monitor shared compliance and risk controls across different certifications and customer requirements.
- Coordinate security or privacy certification audits (e.g. SOC2, HiTrust, GDPR/CCPA, etc.) with external firms and Engineering and Security teams.
- Partner with Trust and Engineering teams to identify risk signals – Collaborate with Trust and Engineering teams to recognize and flag potential risk signals during all stages of Headway event’s lifecycle.
- Assist in ongoing security operations including incident response, vulnerability management, penetration testing, security reviews, and other operational tasks to ensure that our security program is operating at a world-class level.
Preferred Qualifications
- Thrive in ambiguity and tackle ambiguous problems in a fast-paced environment with an optimistic and energizing attitude.
- Seek opportunities to lead the industry in implementing the latest security and privacy technologies.