Senior GRC Analyst II

The Company You1ll JoinCarta connects founders, investors, and limited partners through world-class software, purpose-built for everyone in venture capital, private equity and private credit. Trusted by 65,000+ companies in 160+ countries, Carta1s platform of software and services lays the groundwork so you can build, invest, and scale with confidence.Carta1s Fund Administration platform supports 9,000+ funds and SPVs, representing nearly $185B in assets under management, with tools designed to enhance the strategic impact of fund CFOs. Recognized by Fortune, Forbes, Fast Company, Inc. and Great Places to Work, Carta is shaping the future of private market infrastructure.Together, Carta is creating the end-to-end ERP platform for private markets. Traditional ERP solutions don1t work for Private Funds. Private capital markets need a comprehensive software solution to replace outdated spreadsheets and fragmented service providers. Carta1s software for the Office of the Fund CFO does just that - it1s a new category of software to make private markets look more like public markets - a connected ERP for private capital.For more information about our offices and culture, check out our Carta careers page.The Problems You1ll SolveAt Carta, our employees set out on a mission to unlock the power of equity ownership for more people in more places. We believe that the problems we solve today unlock the opportunities of tomorrow.As a Senior GRC Analyst II, you1ll work to assess regulatory requirements and accordingly establish and maintain governance and risk frameworks. You will build and run security compliance programs to measure and reduce risk, report compliance metrics, and build and manage policies and standards.Here are some problems we1d love for you to help us solve:Manage and continually improve the Carta Governance, Risk, and Compliance program, ensuring it is aligned with our security strategy and business objectives.Develop, maintain, and lead the adoption of security policies, standards, and guidelines to ensure compliance with applicable regulatory requirements.Lead and coordinate internal and external security audits.Perform security assessments of vendors, third parties, and applications.Partner with cross functional teams to review initiatives that could impact compliance requirementsManage risk program activities including risk identification, tracking, and prioritization.Collaborate with engineering and product teams to assess risk posture and compliance status, and support remediation activities.The Team You1ll Work WithYou will be part of a security-minded team that believes in progress over perfection and where security culture and mindset is key. Our team is rethinking how GRC activities can be accomplished in innovative ways. We do not focus on building processes, but instead how to solve business problems while minimizing and managing risk exposure for Carta.About YouWe are looking for candidates who have:A strong understanding and working knowledge of information security and compliance frameworks, such as SOC 1 and 2, ISO 27001, NIST CSF, GDPR, CCPA, FINRA, SOX and SEC cybersecurity requirements.Excellent judgment and the ability to make balanced decisions when working with complex situations.Proven understanding of public cloud infrastructure and services in AWS and GCP including knowledge of cloud-native security protection measures, tools, and techniquesProven ability to collaborate with cross-functional teams and affect change to accomplish goals.Excellent written and verbal communication skills, including the ability to effectively communicate business and cybersecurity risk.5+ years of experience in developing and executing governance, risk and compliance functions.SalaryCarta1s compensation package includes a market competitive salary, equity for all full time roles, exceptional benefits, and, for applicable roles, commissions plans. Our minimum cash compensation (salary + commission if applicable) range for this role is:$193,800 - $228,000 in San Francisco, CA; Santa Clara, CA; New York City, NY$184,110 - $216,600 in Seattle, WAFinal offers may vary from the amount listed based on geography, candidate experience and expertise, and other factors.Disclosures:We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. If accommodations due to a disability or medical condition are needed, please connect with the talent partner via email.Carta uses E-Verify in the United States for employment authorization. See the E-Verify and Department of Justice websites for more details.For information on our data privacy policies, see Privacy, CA Candidate Privacy, and Brazil Transparency Report.Please note that all official communications from us will come from an @carta.com or @carta-external.com domain. Report any contact from unapproved domains to security@carta.com. #J-18808-Ljbffr