Senior GRC Analyst

at Abnormal Security
💰 $153k-$180k
🇺🇸 United States - Remote
⚖️ Finance & Legal🟣 Senior

Job description

About the Role

Abnormal AI is looking for a Senior GRC Analyst (Governance, Risk, and Compliance) to lead our SOx IT compliance program. The Security & Privacy team owns the information and cybersecurity program for the company, including IT, Security Operations, GRC, Privacy, and Customer Trust.

This role will be responsible for managing the end-to-end SOx program in coordination with internal and external audit partners, Finance, and IT. This includes leading ITGC scoping, evidence collection, walkthroughs, testing, and issue remediation. This person will serve as the main point of contact for SOx-related matters and will help mature the program in alignment with our rapid growth and evolving risk landscape.

The ideal candidate will have the mindset of an auditor with keen attention to detail,  possess exceptional skills in project management, be a good communicator who excels at explaining complex technology to diverse audiences in a way that fosters understanding and ownership, has strong collaboration and business sense, and an adept awareness of our customers’ requirements of Abnormal as a leading cybersecurity SaaS provider.

Who you are

  • Proven security experience in an audit or advisory capacity
  • Analytical thinker who exercises good business judgment
  • Confidence and willingness to ask questions, raise issues, and concerns in a timely manner
  • High attention to detail, process, and organization with strong project management skills to ensure accountability and results
  • Strong communication skills with the ability to quickly build rapport with internal and external stakeholders including auditors; demonstrated experience presenting technical concepts to diverse audiences
  • Proficient in managing results and achievements, even when faced with ambiguity or competing approaches regarding the best path to success.
  • Ability to adapt to change, including evolving business and technical environments, and manage multiple priorities while meeting deadlines in a fast-paced environment
  • Team player, collaborative work style
  • Self-motivated and able to work efficiently with minimal oversight/direction

What you will do

  • Own and lead Abnormal’s SOx IT compliance program, including annual planning, testing coordination, and reporting.
  • Coordinate with internal and external auditors to manage walkthroughs, evidence collection, and testing of ITGCs
  • Track and drive remediation of control gaps or audit findings and ensure closure is properly documented.
  • Maintain up-to-date documentation for controls, narratives, and process flows.
  • Partner with business and technical stakeholders to improve control design and operational effectiveness.
  • Monitor regulatory changes and adjust control requirements and documentation as needed.
  • Support continuous improvement of the SOx  program, through automation, metrics, and process enhancements
  • Design and manage program operations to support the program goals and implement and maintain technology to support the program and its operations.
  • Engage in ad-hoc projects as required.
  • Maintain regular, clear communication with project teams, key partners, and management regarding the status of controls testing, audit progress, risk assessment progress, and progress of issues management.
  • Effectively communicate program and project execution status, program health and effectiveness, key accomplishments, and risks to senior management both within Security and to our business partners.

Must Haves

  • 5+ years of experience in IT audit, SOx compliance, or related GRC roles
  • In-depth knowledge of SOX 404 requirements and IT General Controls (ITGCs).
  • Experience coordinating internal or external audits, including evidence gathering and walkthroughs
  • Strong project management skills and ability to drive remediation across teams.
  • Excellent written and verbal communication skills, with the ability to explain audit findings and compliance needs to non-technical stakeholders.

Nice to Have

  • Bachelor’s degree or equivalent military experience
  • CRISC, CISSP, CPA, CISA, PMP, CISM certification(s)
  • Experience using audit tools (e.g. ServiceNow, Drata)
  • Familiarity with cloud infrastructure, SaaS applications, and access control systems
  • Experience in a fast-paced technology company undergoing IPO or public company compliance requirements
  • 2+ years of Big 4 experience

#LI-EM4

At Abnormal AI, certain roles are eligible for a bonus, restricted stock units (RSUs), and benefits. Individual compensation packages are based on factors unique to each candidate, including their skills, experience, qualifications and other job-related reasons. We know that benefits are also an important piece of your total compensation package. Learn more about our Compensation and Equity Philosophy on our Benefits & Perks page.

Base salary range:

$153,000—$180,000 USD

Abnormal AI is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by law. For our EEO policy statement please click here. If you would like more information on your EEO rights under the law, please click here.

Share this job:
Please let Abnormal Security know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Abnormal Security logo

Abnormal Security

Cloud-Native Email Security

  • Founded in 2018
  • 75 remote jobs

Latest Jobs at Abnormal Security

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply