Find Your Dream Job Today

Our mission is to help high-achieving LGBTQ+ undergraduates reach their full potential.

Aumni - Sr. GRC Analyst - Senior Associate



Salt Lake City, UT, USA
Posted on Thursday, July 11, 2024

Job Description

Join Aumni and help revolutionize the venture capital industry! This role offers opportunities for career growth and skill development in a dynamic, forward-thinking company. Be part of our team and contribute to building the future of investment technology, while enjoying the benefits of a supportive and innovative work environment.

Job Summary:

As an analyst on Aumni’s GRC team, you will play a crucial role in ensuring the security and compliance of Aumni’s web application and customer data. You'll collaborate with various departments to maintain our Information Security Management System, assist with audits, support risk management and bolster Aumni’s security culture. Your contributions will directly impact the peace of mind and success of our customers and employees. Join us in our team’s mission to deliver stronger, smarter security solutions while fostering a supportive and collaborative team culture. If you don't have one of the required qualifications, don't let that deter you from applying.

Job responsibilities:

  • Contribute to the governance of Aumni’s Information Security Management System (ISMS) to comply with SOC 2, ISO 27001 and legal requirements
  • Facilitate external audit walkthroughs and evidence gathering
  • Support risk management (identification, treatment & monitoring)
  • Help manage our internally-developed, semi-automated scheduled security controls system
  • Support and educate Aumni control owners in the completion and proper execution of controls
  • Respond to Customer Security Questionnaires based on an acquired, thorough understanding of Aumni’s ISMS
  • Propose ways to improve our information security and compliance programs
  • Ensure recognition is given for security-conscious employees for our Security Ambassadors program
  • Review third-parties for vendor security due diligence

Required qualification, capabilities and skills:

  • 2+ years in a Technology GRC or IT Auditor role
  • Familiarity with at least 1 information security framework (SOC 2, ISO 27001, NIST, etc.)
  • A desire to continuously learn and thoroughly understand information security and technology concepts
  • An understanding of the software development lifecycle

Preferred qualifications, capabilities and skills:

  • Experience with the Big 4 (or similar)
  • Intermediate to advanced Excel skills
  • Security or IT Audit related certification (e.g., CISA, CISSP, CITP, CCSA)
  • Basic coding/dev skills
  • Basic understanding of Venture Capital