All Jobs
CoreWeave
Posted on 
Oct 22, 2024

Senior Governance, Risk & Compliance Analyst

Roseland
Apply NowApply Now
CoreWeave
CoreWeave
CoreWeave

CoreWeave

https://www.coreweave.com/
Private
101-250
Software, Security & Developer Tools

CoreWeave is a specialized cloud provider focused on GPU accelerated use cases including VFX, AI/ML, Batch Processing and Real Time Experiences. We support countless AI/ML services in the text to image, NLP and broader AI/ML space, reducing client’s infrastructure management requirements with our Kubernetes based serverless GPU cloud offerings.

Job Description

The Senior Governance, Risk & Compliance (GRC) Analyst at CoreWeave will be responsible for supporting the GRC Manager and internal stakeholders with the design, implementation and enforcement of security, operational and privacy controls to govern the protection of CoreWeave Cloud. The primary focus of this role will be to conduct control readiness assessments, prepare control owners for external audits and track upcoming regulatory and compliance obligations to support CoreWeave’s growth.

Core job duties include, but are not limited to:

  • Assist GRC Manager and control owners with internal assessments and external audit engagements
  • Manage technical and business stakeholders across CoreWeave to identify, design and implement controls aligned to compliance requirements.
  • Track the lifecycle of regulatory and compliance scope to ensure control assessments, evidence collection and reporting requirements are fulfilled.
  • Collaborate with Product, Solutions Architect and Engineering teams to simplify and consolidate product related compliance requirements.
  • Perform on-going control maturity assessments to identify opportunities for improvement and evidence collection automation.

Qualifications:

  • Minimum of 5 years work experience in IT, Security Compliance or Audit function, preferably in the cloud service provider industry
  • Educational Qualification: Bachelor's in Information Security, Computer Science, or related degree; Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) Certification or equivalent
  • Experience conducting end to end control framework assessments; documenting control effectiveness, gaps, remediation requirements and/or maturity recommendations
  • In-depth knowledge of regulatory and compliance requirements, such as: SOX, SOC 2, ISO 27001:2022, ISO 27701, NIST 800-53, NIST CSF, PCI DSS, FedRAMP, GDPR, UK Cyber Essentials, HIPAA, etc.
  • Experience collaborating with cross-functional teams, including engineering, infrastructure, security, etc
  • Excellent knowledge of reporting procedures and record keeping
  • Ability to succeed in a team environment or work as an individual contributor

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $150,000-$170,000. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience.

The Senior Governance, Risk & Compliance (GRC) Analyst at CoreWeave will be responsible for supporting the GRC Manager and internal stakeholders with the design, implementation and enforcement of security, operational and privacy controls to govern the protection of CoreWeave Cloud. The primary focus of this role will be to conduct control readiness assessments, prepare control owners for external audits and track upcoming regulatory and compliance obligations to support CoreWeave’s growth.

Core job duties include, but are not limited to:

  • Assist GRC Manager and control owners with internal assessments and external audit engagements 
  • Manage technical and business stakeholders across CoreWeave to identify, design and implement controls aligned to compliance requirements. 
  • Track the lifecycle of regulatory and compliance scope to ensure control assessments, evidence collection and reporting requirements are fulfilled. 
  • Collaborate with Product, Solutions Architect and Engineering teams to simplify and consolidate product related compliance requirements.
  • Perform on-going control maturity assessments to identify opportunities for improvement and evidence collection automation.

Qualifications:

  • Minimum of 5 years work experience in IT, Security Compliance or Audit function, preferably in the cloud service provider industry
  • Educational Qualification: Bachelor's in Information Security, Computer Science, or related degree; Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) Certification or equivalent
  • Experience conducting end to end control framework assessments; documenting control effectiveness, gaps, remediation requirements and/or maturity recommendations
  • In-depth knowledge of regulatory and compliance requirements, such as: SOX, SOC 2, ISO 27001:2022, ISO 27701, NIST 800-53, NIST CSF, PCI DSS, FedRAMP, GDPR, UK Cyber Essentials, HIPAA, etc. 
  • Experience collaborating with cross-functional teams, including engineering, infrastructure, security, etc 
  • Excellent knowledge of reporting procedures and record keeping
  • Ability to succeed in a team environment or work as an individual contributor

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $150,000-$170,000. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience.

Apply NowApply Now
Why apply via Tech Ladies
Recommended Jobs
No items found.
See All Jobs
Receive Tech Ladies'
newest jobs in your inbox,
every week.

Join Tech Ladies for full-access to the job board, member-only events, and more!

If you're already a member, we haven't forgotten you. We promise. It's a new system. If you fill out the form once, it'll remember you going forward. Apologies for the inconvenience.

Roseland
Roseland
No items found.
No items found.
In-Person
In-Person