Salary
💰 $112,833 - $167,198 per year
About the role
- Report to the Director of Security as part of the Cybersecurity team
- Serve as primary point of contact for external auditors and manage SOC 2 Type II audit documentation
- Identify and reduce security and compliance risks across product-related issues and external systems
- Improve compliance processes, including automation and use of platforms like Vanta
- Oversee and track timely fixes for vulnerabilities found by tools like Orca Security
- Guide incident response processes, ensure appropriate logging and monitoring with Datadog, and manage follow-up actions
- Provide technical support for regulatory compliance (SOC 2, GDPR, CCPA)
- Collaborate daily with product, engineering, legal, and HR teams
Requirements
- Bachelor’s degree in computer science, engineering, or equivalent experience
- 5+ years of experience in security operations or governance, risk, and compliance (GRC)
- Experience successfully leading multiple SOC 2 Type II audits (ISO 27001 experience a bonus)
- Experience with risk assessments, designing and testing controls, and managing remediation efforts
- Familiarity with risk assessment methods and automating routine tasks (e.g., using compliance platforms like Vanta)
- Experience tracking and remediating vulnerabilities identified by tools such as Orca Security
- Experience in incident response, logging and monitoring (e.g., Datadog)
- Ability to manage competing priorities and keep complex projects on track
- Ability to explain audit findings and technical security concepts to executives and engineers