GRC Analyst
Modernizing MedicineSalary not specified
- Full Time
- Junior (1 to 2 years)
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Financial Services, Real Estate, BiotechnologyIndustries
GRC Analyst
Employment Type: Full-Time Location Type: Remote
About Juniper Square
Our mission is to unlock the full potential of private markets. Privately owned assets like commercial real estate, private equity, and venture capital make up half of our financial ecosystem yet remain inaccessible to most people. We are digitizing these markets, and as a result, bringing efficiency, transparency, and access to one of the most productive corners of our financial ecosystem.
If you care about making the world a better place by making markets work better through technology – all while contributing as a member of a values-driven organization – we want to hear from you.
Juniper Square offers employees a variety of ways to work, ranging from a fully remote experience to working full-time in one of our physical offices. We invest heavily in digital-first operations, allowing our teams to collaborate effectively across 27 U.S. states, 2 Canadian Provinces, India, Luxembourg, and England. We also have physical offices in San Francisco, New York City, Mumbai and Bangalore for employees who prefer to work in an office some or all of the time.
About Your Role
The GRC Analyst is responsible for supporting the organization's governance, risk management, and compliance (GRC) program. The ideal candidate will have a strong understanding and experience building scalable, right-sized risk management and compliance processes for a high-growth company. The successful candidate will also possess strong analytical and problem-solving skills, as well as excellent communication and interpersonal skills.
This role will work closely with a broad set of cross-functional stakeholders within the company and should be able to build rapport and influence towards appropriate risk management outcomes.
What You'll Do
Governance (20%)
- Policy Management:
- Develop a comprehensive set of security and privacy policies and procedures working with Legal, HR, IT, Engineering.
- Update policies and procedures annually while incorporating stakeholder feedback and obtain approval.
- Define and manage incoming policy exceptions on an ongoing basis to manage associated risk.
- Security and Privacy Training and Awareness:
- Develop and implement role and team-specific security and privacy training working closely with key business partners.
- Manage the roll-out, escalation, and completion of all security and privacy training modules.
- Phishing Management:
- Manage phishing campaigns on an ongoing basis with appropriate re-training processes baked into the process.
- Refine existing phishing reporting processes and integrate them better with our incident management processes.
- GRC Metrics and Reporting:
- Ensure the GRC function meets key performance metrics.
Risk (40%)
- Risk Management:
- Maintain business unit risk registers with existing teams on a monthly basis to appropriately address key risk areas.
- Co-develop and coach business units on right-sized and right-scoped risk remediation plans.
- Work with cross-functional teams to onboard new business units onto the risk management process.
- Third-Party Risk Management:
- Continuously improve vendor and contractor risk assessments during vendor onboarding with a defined SLA.
- Conduct annual vendor monitoring and re-assessment processes for existing vendors.
- Maintain the vendor risk register and work with vendors to reduce risk on an ongoing basis.
Compliance (40%)
- Compliance:
- Maintain and onboard existing/new security compliance certifications and frameworks (e.g., SOC2, ISO, and others).
- Work with cross-functional teams to procure controls evidence to provide to external auditors timely and issue reports timely.
- Work cross-functionally between teams and auditors to ensure a smooth and efficient audit process.
- Improve the audit process through automation and controls rationalization year over year.
- Monitor and test the effectiveness of compliance control health throughout the year, not just during audits.
- Serve as a subject matter expert for all things compliance.
- Identify and assess business changes for rele-
Skills
Governance
Risk Management
Compliance
Policy Management
Analytical Skills
Problem-Solving
Communication Skills
Interpersonal Skills
Juniper Square
Technology solutions for private investment partnerships
About Juniper Square
Juniper Square provides a comprehensive platform for managing private investment partnerships in sectors like commercial real estate, private equity, and venture capital. The platform supports all phases of the investment lifecycle, including fundraising, investor operations, and fund administration. It connects general partners (GPs) and limited partners (LPs), facilitating communication and collaboration throughout their investment journeys. By automating processes and making critical investment data easily accessible, Juniper Square helps reduce manual work and accelerates investment closings. Unlike its competitors, Juniper Square offers a universal system tailored specifically for private markets, accommodating firms of any size and complexity. The company's goal is to simplify and enhance the investment process, ensuring secure management and sharing of sensitive information.
San Francisco, CaliforniaHeadquarters
2014Year Founded
$234.4MTotal Funding
LATE_VCCompany Stage
Fintech, Financial ServicesIndustries
501-1,000Employees