GRC Risk Analyst
We Are Veritone
We are driven by the belief that Artificial Intelligence is mankind’s greatest invention. It is the key to building a safer, more vibrant, transparent, and empowered society. We are determined to be an active contributor to shaping our future for the better. We care about the ethical implications of AI and the prosperity and well-being of all individuals, as well as the growth and continued successes of our employees, customers, and partners.
Veritone’s mission today is more important than ever. We’re here to democratize AI and enable every organization and every person with the power of AI. What started in 2014 with the idea of providing unified access to hundreds of cognitive engines through one common software infrastructure, evolved to the world’s first AI operating system, aiWARE, which orchestrates a diverse ecosystem of cognitive engines to power intelligent automation for both commercial and government organizations. As we progress, we will continue to move humans from “in” to “on” to “out of the loop” to help them accelerate workflows, save time and costs, and uncover new insights and opportunities. You can view us at: www.veritone.com / www.veritoneone.com
What You’ll Do
- Build, drive and contribute to security and compliance tasking to facilitate continuous improvement and ensure alignment with the overall governance, risk management, and compliance strategy
- Lead risk mitigation or risk acceptance conversations and help stakeholders reach a common understanding of the risks and tradeoffs, and a defined plan to either mitigate or accept the risk(s)
- Develop and/or deliver regular risk metrics and reporting to GRC Management and VSEC / Staff leadership and management committees such as the Security Committee or Board Risk Committee
- Build and maintain strong cross-functional relationships across the organization to help with expectation setting, training and awareness, and promote consistency and improvement in our processes
- Assist with the implementation and operation of Governance Risk and Compliance (GRC) tooling to further improve and automate our risk management processes
- Advise and collaborate with SMEs, including Audit & Compliance teams, to ensure adequate security controls are in place to manage risk and are aligned with leading best practices
- Help support various parts of the company to adopt a common risk management process, this may include joining other Security GRC projects (e.g., Third Party Risk Management, M&A Due Diligence, Risk & Compliance Assessments) or other projects adjacent to our Security GRC program objectives
- Keep up with relevant regulation, emerging threats, forecasts, policies and best practices, and maintain a mindset of constant innovation to consider possibilities in advancing our risk management framework
What You'll Need
- 5+ years of related work experience building or operating programs to mitigate risks around security, confidentiality, integrity, availability, and privacy. Preferred prior experience in Information Security, Governance Risk or Compliance, or relevant Audit / Assessments functions
- A proven track record in a security / operational risk management team with direct experience in conducting and analyzing security risk assessments
- Strong knowledge of relevant information security frameworks, including related regulatory compliance requirements, such as ISO 27001 / ISO 27002, SOC 2, GDPR, FedRAMP, NIST Cyber Security Framework (CSF) / 800-53, CIS Critical Security Controls
- Strong knowledge of audit and risk management methodologies, such as SOX, COBIT, NIST RMF / 800-37 / 800-30, FAIR
- Proficient with Atlassian products, G-Suite applications, and GRC tools, such as ZenGRC / ServiceNow / MetricStream
- Able to communicate security and risk-related concepts to both technical and non-technical audiences (in business terms)
- Ability to collaborate across interdisciplinary teams to achieve tactical and strategic goals; an innovative teammate, problem solver, and consultant.
- Ability to evangelize IT security to make it a critical part of business operations; build trust and respect for the security function
- Excellent written and verbal communication, interpersonal and collaborative skills.
- Ability to effectively prioritize and execute tasks in high-pressure situations.
- Understanding of cloud, SaaS, and IoT architectures, and their implications on information security strategy
Investigation / Clearance
- Must be a U.S. Citizen with the potential ability to obtain a Public Trust investigation (Tier 2) and / or Secret Clearance.
- Current or Past Active Clearance is highly desirable.
Bonus Points If
- Bachelor of Science Degree in Engineering Technology, Computer Science, or equivalent
- Relevant professional certifications in Information Security or Governance Risk Compliance Management is a plus, such as CISA, CISM, CRISC, CGEIT, CSX-P, CISSP, CCSK
What We Offer
- A competitive compensation package
- Equity Grant(s)
- Employe Stock Purchase Plan (ESPP)
- Remote first + Hybrid workplace
- VERI Communities (Affinity Groups) & Belonging
- Empowerment to build your career journey at Veritone
- Flexible (Paid) Time Off
- Benefits Program: medical, dental, vision, 401K matching, and more!
- Mental health awareness and support
- An opportunity to be a part of the next big thing in artificial intelligence!
- Loves learning & continuous growth; stays current on marketing trends
- Can juggle multiple projects, priorities, and deadlines with a positive attitude
- Comfortable in a fast-paced, small company environment
- Collaborative and always contributing value
- Driven to win as a team
- Remote first workplace
- Check us out!
Veritone is a leading provider of artificial intelligence (AI) technology and solutions. The company's proprietary operating system, aiWARE, orchestrates an expanding ecosystem of machine learning models to transform audio, video and other data sources into actionable intelligence. We love to continuously grow while staying ahead of trends and creating structure in an unstructured world.
If you’ve made it this far and align with our goals, we look forward to reviewing your qualifications!
Our company provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.
(Colorado & California Only*): Minimum annual salary of $87,000.00. This base pay is for illustrative purposes only and will be determined based on skills and experience comparable to the job requirements. This position may be eligible for additional compensation and benefits including but not limited to: incentive compensation; health benefits; retirement benefits; life insurance; paid time off; parental leave and benefits; and other employee perks and benefits.
*Note: Disclosure as required by sb19-085 (8-5-20) of the minimum salary compensation for this role when being hired in Colorado.