Senior Governance, Risk and Compliance (GRC) Analyst II Job at Kandji, Miami, FL

QmdCTHlqK29oR3AyTjdCaVJiZk4zd20vcGc9PQ==
  • Kandji
  • Miami, FL

Job Description

About Kandji

Kandji is the Apple Device Management and Security Platform. Kandji empowers companies to manage and secure Apple devices in the enterprise and at scale. By centrally securing and managing Mac, iPhone, iPad, and Apple TV devices, IT and InfoSec teams can save countless hours of manual, repetitive work with features like one-click compliance templates and more than 150 pre-built automations, apps, and workflows.

Backed by world-class investors such as General Catalyst, Tiger Global, Greycroft, B Capital Group, Okta Ventures, the Spruce House Partnership, and First Round Capital, Kandji has raised over $200M in capital to date.

Trusted by industry leaders, Kandji's rapidly growing customer base includes companies like Ramp, Notion, Netskope, Noom, Turo, Groupon, VoxMedia, and more.

Recognized for its award-winning products, Kandji was recently named the #1 fastest-growing app in Okta's 2023 Businesses at Work Report and a G2 Best Software 2023 Award Winner for Fastest Growing Products.

The Opportunity

Kandji is looking for a Senior Governance Risk and Compliance (GRC) Analyst II to add to our growing Security, IT and Trust teams. The GRC team is part of the Kandji Security and Trust organization and manages key pillars of the Kandji Risk Management framework. The GRC team is responsible for Customer Assurance, Security Compliance, Policy Governance, Information Security Risk Assessment, Third Party Risk Management, Security Compliance training and awareness, and Privacy.

This opportunity provides the ability to work with various teams to evaluate controls, perform control testing to improve the efficiency and effectiveness of the internal control programs. This includes facilitating the development and maintenance of standards, processes, and tooling in order to promote scalability, repeatability and growth of the function. You will also facilitate risk assessments and control reviews to accommodate new business areas as well as changes in processes. This includes management of information security risk assessment process, defining and creating risk methodology, developing new or expanding product risk analysis. The Senior GRC Analyst II will report to the Team Lead, GRC and work collaboratively with other departments across Kandji.

How you'll make a difference day to day
  • In support of multiple frameworks (e.g. ISO 27XXX, SOC2) plan, design and execute controls testing, controls assessment and risk management practices.
  • Develop and execute on dynamic risk-based information security risk management and third party risk management programs.
  • Execute on the risk assessment life cycle including identifying key risks, assessing risks and controls, calculating residual risk, identifying areas of improvement and collaborating with control owners on remediation plans against products, features, datasets, applications, and third parties.
  • Collaborate with cross-functional teams to develop and implement privacy policies, procedures, and controls to mitigate data privacy risks.
  • Provide expertise and guidance on data privacy laws and regulations, including GDPR, CPRA, EU AI Act and other relevant frameworks.
  • Design and execute strategies for ensuring organizational compliance with SOC2, GDPR, Data Privacy, federal, state, and local government compliance, or similar regulations.
  • Conduct impact assessments (PIAs, BIAs, AIIAs) and assist in developing strategies to address identified risks.
  • Conduct data classification assessments to identify and categorize sensitive information based on its level of confidentiality, criticality, and regulatory implications.
  • Be a trusted advisor for internal audit programs to expedite reviews and mitigate operational impacts.
  • Assist with the preparation of reports and presentations for management and regulatory agencies.
  • Support in the development and implementation of compliance training and awareness programs.
  • Participate or lead special ad-hoc projects or initiatives as assigned.

We'd love to hear from you if you have
  • Seven (7) years or more of relevant experience in risk-based technology compliance management programs, or Auditing experience,
  • Experience in performing risk-based testing for control compliance, including the identification, assessment, and mitigation of compliance issues: understanding how to balance the company's risk appetite to compliance needs/requirements
  • Detailed knowledge and experience with technology controls across a variety of industry frameworks and how to assess controls supporting compliance for SOC2, FedRamp, CMMC, ISO 27001, ISO 27701, ISO 42001, CSA Star and global privacy regulations.
  • Detailed knowledge of information security, technology compliance management industry frameworks and standards: NIST, OWASP, SANS, ISO-27001/2.
  • Experience developing dynamic approaches to the implementation of a technology compliance program utilizing a variety of testing methods, both manual and automated, to provide qualitative and quantitative results where applicable
  • Strong analytical and problem-solving skills.
  • Excellent project management, written and verbal communication skills.
  • Ability to manage multiple priorities and deadlines.
  • Proven track record as a strong cross-teams collaborator and team player, dealing with complex programs and influencing cross-functional audiences.
  • Required to work on-site 4 days a week (Monday through Thursday) in Miami. Managers may require additional on-site days.

Nice to haves
  • Experience and familiarity with cloud data security and working with public cloud solutions (AWS)
  • Experience working with a Governance Risk and Compliance technologies
  • Experience implementing Data Privacy technologies
  • Certifications such as CISA, CIPT, CRISC, CISSP, CCSP

Competencies
  • Values Differences
  • Communicates Effectively
  • Instills Trust
  • Action Oriented
  • Always Learning
  • Execution
  • Planning & Time Management

Benefits & Perks

•Competitive salary

•100% individual and dependent medical + dental + vision coverage

•401(k) with a 4% company match

•20 days PTO

•14 paid holidays per year

•10 health and wellness days per year

•Kandji Wellness Week off July 1 - July 5, 2024

•Equity for full-time employees

•12 weeks of paid leave for new parents

•Paid Family and Medical Leave

•Modern Health - Mental Health Benefits - Individual and Dependents

•Monthly utilities stipend

•Free onsite fitness center

•Free parking

•Lunch 4 days/week

•Exciting opportunities for career growth

•An outstanding, inclusive culture

We are excited to be serving a significant need for a fast-growing market, and are proud of the high-performing team we have brought together so far. If you're someone who wants to engage in new, exciting projects that will challenge your skills in the best way possible, we would love to connect with you.

At Kandji we believe in fostering an inclusive environment in which employees feel encouraged to share their unique perspectives, leverage their strengths, and act authentically. We know that diverse teams are strong teams, and welcome those from all backgrounds and varying experiences.

Kandji is proud to be an equal opportunity employer committed to diversity and inclusion in the workplace. Qualified applicants will be considered for employment without regard to race, color, religion, national origin, age, sex, sexual orientation, gender identity, physical or mental disability, protected veteran or military status or any other status protected by applicable law.

#LI-Hybrid

Job Tags

Holiday work, Full time, Local area, Monday to Thursday,

Similar Jobs

Wegmans Food Markets

Overnight Stocker Job at Wegmans Food Markets

 ...Schedule: Part time Availability: Evening, Overnight (Including Weekends). Age Requirement: Must be 18 years or older Location: Ithaca, NY Address: 500 S. Meadow Street Pay: $17 - $18 / hour Job Posting: 09/24/2024 Job Posting End: 10/24/2024 Job... 

Optum

Pharmacy Technician and Liaison Job at Optum

 ...position supports all functions of the Genoa mental health and specialty pharmacy by providing onsite support in the partner clinic as a liaison between the clinic and a Genoa pharmacy, coordinating prescription services, dispensing medical prescriptions and performing... 

Sebago Technics

Landscape Architect Job at Sebago Technics

 ...and the principles and practices of related specialties, including geometric layout, road design, drainage design, grading design, landscape design and site detailing. Identify the need for specialty in-house or sub-consultant services to meet project objectives (... 

Hallmark

Part Time Retail Merchandiser - Coleman FL 33653 Job at Hallmark

Join Hallmark as a Part-Time Retail Merchandiser in Coleman, FL! This is your opportunity to represent the world's best-known greeting card brand and play a crucial role in merchandising, creating, and building displays within your territory for a positive shopper... 

FPI Management

Affordable Housing Community Director - Non-Exempt (REF6006K) Job at FPI Management

 ...regulations, FPI Standard Operating Procedures. Comply with all Fair Housing Laws and FPI policies and procedures. Promote a...  ...Requirements: Must have a minimum of 2 years' experience with affordable housing programs including but not limited to: LIHTC, HUD...