Senior Information Security Analyst
Chainguard$139,000 - $155,000/year
Full Time
Senior (5 to 8 years)
$120,000 – $140,000Compensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
Biotechnology, Cybersecurity, AIIndustries
Requirements
Candidates should have 5-7+ years of experience in GRC, audit, or risk management. A minimum of 3 years leading ISO 27001 certification/surveillance cycles and SOC 2 Type II audits is required, along with hands-on experience with ISO 27701 and ISO 42001 or equivalent AI governance programs. Proven ownership of SOC 2 programs in cloud-first environments and strong command of management systems, Trust Services Criteria, control testing, and evidence sufficiency are essential. Practical experience with access certifications, vendor risk reviews, customer security questionnaires/RFPs, and familiarity with privacy regulations like GDPR/CPRA are necessary. Comfort with GRC tooling, automation, ticketing workflows, and basic scripting for evidence retrieval is expected, as is the ability to communicate clearly and foster accountability.
Responsibilities
The Senior GRC Analyst will lead certification and assurance programs, including SOC 2 end-to-end, and drive preparation and maintenance for ISO 27001, ISO 27701, and ISO 42001 audits. Responsibilities include managing the enterprise risk program, performing risk assessments, ensuring control effectiveness through testing and remediation, and overseeing access governance. The role also involves driving vendor and third-party risk management, supporting customer trust by managing security questionnaires and RFP responses, and advancing governance and privacy initiatives. Additionally, the analyst will support incident response, business continuity/disaster recovery testing, and deliver reporting on risks, controls, and audit readiness.
Skills
GRC
SOC 2
ISO 27001
ISO 27701
ISO 42001
NIST
GDPR
CPRA
PCI
HIPAA
HITRUST
Risk Management
Control Testing
Access Governance
Vendor Risk Management
Third-Party Risk Management
Audit
Dopple
Subscription service for custom children's clothing
About Dopple
Dopple is a subscription service that curates custom wardrobes for children, focusing on providing unique and stylish clothing options. The service operates by delivering regular shipments of clothing tailored to the individual tastes and needs of each child, based on information provided by parents and data collected from their interactions with the service. This personalized approach makes shopping exciting, as each delivery offers a surprise element. Dopple partners with a variety of brands, including both well-known names and emerging designers, to ensure a diverse selection of high-quality clothing. Unlike many competitors, Dopple emphasizes a community experience through their "dopplegang," fostering customer engagement and loyalty. The company's goal is to enhance the shopping experience for parents while providing children with fashionable clothing, with plans to expand internationally in the future.
Raleigh, North CarolinaHeadquarters
2018Year Founded
$9.5MTotal Funding
SEEDCompany Stage
Consumer GoodsIndustries
11-50Employees
Benefits
Competitive salary and equity grants
Medical, dental & vision insurance
Paid time off & work from home flexibility (during and after COVID-19)
Free Dopple subscription and significant employee discounts
Learning and development programs, including education reimbursement
Risks
Increased competition from new subscription services may dilute Dopple's customer base.
Rising costs of premium brands could lead to higher subscription fees.
International expansion may face regulatory challenges and increased operational costs.
Differentiation
Dopple offers personalized children's clothing through a unique subscription model.
The company partners with over 200 brands, including Stella McCartney Kids and Versace.
Dopple uses machine learning to tailor clothing selections to individual tastes.
Upsides
Growing demand for sustainable children's clothing boosts Dopple's market potential.
AI-driven personalization enhances customer experience and engagement for Dopple.
U.S. children's clothing market growth supports Dopple's expansion plans.
Related Jobs
RemoteRemoteChief Product Evangelist
RescaleSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSenior Manager, Exams & Audit Management
OKXSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteData Governance Specialist
WealthsimpleSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteSenior Security Analyst
Chainguard$139,000 - $155,000/year
- Full Time
- Senior (5 to 8 years)
RemoteSenior Risk Analyst - Enterprise Risk Management
DeelSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteCounsel, Privacy and Compliance
Muck RackSalary not specified
- Full Time
- Junior (1 to 2 years)
RemotePartner Diligence
ColumnSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteSenior Manager, GRC
Modernizing MedicineSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteChief Information Security Officer
Flock Safety$350,000 - $380,000/year
- Full Time
- Expert & Leadership (9+ years)
RemoteSenior GRC Analyst
TinesSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteLead Security Analyst - Governance, Risk, and Compliance
LaunchDarklySalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)