Job Description - GRC & Security Specialist - East Coast
Our story:
We’re anecdotes; a dynamic B-round startup founded in June 2020, who’s revolutionizing the Compliance Automation landscape for hyper-growth companies. At the heart of our mission is the belief that credible, visible, and actionable data should empower every GRC team's decision-making. Imagine a world where enterprises seamlessly collect and standardize data from hundreds of SaaS tools, cloud infrastructures, private networks, databases, and more. We bring that vision to life, providing continuous, real-time visibility into their Security Compliance posture.
What You'll Do:
Assist in automating access revocation workflows to ensure timely and secure offboarding processes.
Support configuration and monitoring of email security, including spam filters and phishing alerts.
Track, escalate, research and triage InfoSec alerts and contribute to the development of continuous audit playbooks.
Help define and maintain controls and evidence across compliance frameworks within Anecdotes platform ensuring completeness and ongoing monitoring.
Routine upkeep of risk register, link risks to controls, and participate in regular risk review meetings.
Create and monitor tasks tied to compliance requirements and controls within Anecdotes platform to support audit readiness and operational tracking.
Conduct initial vendor security reviews and manage ongoing monitoring under the Vendor Management Framework.
Support the creation and refinement of internal playbooks to guide recurring InfoSec and GRC processes.
Who You Are:
A detail oriented and curious professional eager to grow within the intersection of cybersecurity, GRC, and automation. You likely have:
ISO27001 Lead Auditor, AI Security Fundamentals, ISC2 Certified in Cybersecurity, CompTIA Security+
Completed Internal Audit, facilitated external audit - Must have
Based in East Coast US - Must
A strong interest in GRC, InfoSec, or IT operations, ideally with some academic or practical exposure.
Foundational knowledge of compliance frameworks (e.g., SOC 2, ISO 27001, or NIST) or risk management principles.
Familiarity with cloud environments, SaaS tools, or cybersecurity alerting is a plus.
A proactive mindset with the ability to manage multiple tasks, follow through on assignments, and pay close attention to detail.
Comfort working in a startup culture; adaptable, collaborative, and motivated to learn.
Strong communication and documentation skills.
Above all, you're excited to join a company that's not only shaping the future of GRC but also values your voice, contributions, and professional development.
Our playground
anecdotes is a place where your ideas are heard, your contributions are valued, and your professional growth is a priority. Join us, and be part of a team that's not only shaping the future of GRC solutions but also redefining the way we work together.
All Job Ads are subject to GrabJobs’s Terms of Service. We allow users to flag postings that may be in violation of those terms. Job Ads may also be flagged by GrabJobs moderation team. However, no moderation system is perfect, and flagging a posting does not ensure that it will be removed.
Be the first to receive the latest Others Full-Time Jobs in the US.
Setup your job alert:
By activating job alerts, I agree to GrabJobs Terms & Privacy Policy. I can unsubscribe to job alerts anytime.
Skip
GrabJobs is the no1 job portal in the US, connecting you to thousands of jobs fast!
Find the best jobs in the US, apply in 1 click and get a job today!