Senior GRC Analyst

Posted:
10/11/2024, 8:53:59 AM

Location(s):
Berkeley, California, United States ⋅ California, United States

Experience Level(s):
Senior

Field(s):
IT & Security

Workplace Type:
Remote

Company Overview: 

At Praetorian, we are bringing together the world's brightest minds in pursuit of solving the cybersecurity problem by reducing the friction of security and enabling the next wave of technological innovation. From projects that range from cryptocurrency exchanges to autonomous vehicles and from medical device platforms to space telescopes, we apply expertise and engineering to help secure our customers.

Explore our exciting New Hire Survival Guide to dive into Praetorian's mission, vision, values, and culture! Discover our competitive benefits and perks we offer.

Career Opportunity:

  • Join an industry with massive socio-economic and political importance in the 21st century.
  • Work alongside some of the best and brightest minds in the security industry.
  • Help prominent clients solve critical security problems.
  • Make a tangible impact on our company, where individual input matters.
  • Align your career trajectory with a hyper-growth company in the security industry.

Core Responsibilities

  • Execute engagements focused on NIST Cybersecurity Framework (CSF), NIST Secure Software Development Framework (SSDF), CIS 18 Critical Security Controls, and other advisory based engagements.
  • Support clients in assessing their current governance, risk, and compliance (GRC) programs while developing strategic and tactical recommendations.
  • Assist in developing custom methodologies and frameworks that enhance client security postures.
  • Develop technical reports and presentations to be delivered to client executives (CISO, CIO, CSO).
  • Stay current on industry trends and emerging threats, incorporating that knowledge into client engagements.
  • Collaborate with offensive security teams to bridge the gap between security assessments and broader GRC efforts.
  • Provide insights to clients by combining offensive security perspectives with industry-recognized frameworks.

Desired Qualifications

  • Ideal candidate is focused on GRC with a background or passion in offensive security.
  • 3+ years of experience in cybersecurity, with a focus on GRC or risk management roles.
  • Experience executing NIST CSF, CIS Critical Controls, or other frameworks assessments, and implementing technologies that support the controls of these frameworks.
  • Familiarity with offensive security principles, including penetration testing, red teaming, or incident response.
  • Understanding of the security components of regulatory standards (PCI DSS, HIPAA, NYDFS) and risk management methodologies.
  • Experience with cloud environments.
  • Excellent oral and written communication skills for presenting to executive leadership.
  • A track record of security consulting experience is a significant plus.
  • Bachelor’s degree in Computer Science, Information Security, or a related field.

+1 Qualifications

    • Hands on work experience with offensive security assessments such as penetration testing or red teaming.
    • Hands-on experience with security testing platforms (Hack the Box, TryHackMe) or offensive security related certifications (OSCP, PNPT, BSCP, etc.)
    • GRC centric certifications such as CISA, CRISC, CISSP.
    • Software development experience, either as a hobby or related to work.
    • Contributions to the security community (blogs, whitepapers, conference presentations).
    • Familiarity with automated testing tools and manual offensive security testing methodologies.

Desired Behaviors:

  • Fanatical passion for cybersecurity and the challenges it presents
  • Customer centric focus with an obsessive need to wow and delight each client
  • Ability to maintain high levels of output and work ethic
  • Personable individual who enjoys working in a team-oriented environment
  • Self-starter and independent learner that is able to spin up quickly

Compensation & Benefits:

  • Competitive salary
  • Equity Incentive Plan, offering ownership stakes in the company
  • Continuous learning opportunities through our internal Learning & Development (L&D) program, including training, certifications, and conferences to support your career growth
  • Recognition and rewards for speaking engagements at industry events and conferences
  • Comprehensive health and dental insurance coverage
  • Immediate 401(k) matching
  • Paid maternity and paternity leave

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

We are committed to an inclusive and diverse Praetorian.  We are an equal opportunity employer.  We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

 



Praetorian

Website: https://www.praetorian.com/

Headquarter Location: Austin, Texas, United States

Employee Count: 101-250

Year Founded: 2010

IPO Status: Private

Last Funding Type: Series A

Industries: Cloud Security ⋅ Cyber Security ⋅ Enterprise Software ⋅ Network Security ⋅ Penetration Testing ⋅ Security ⋅ Software Engineering