At Chainalysis, we believe that trust in our security, governance, and compliance is critical. Our GRC/Trust team ensures that our people, products, and data remain secure to maintain our customer’s trust.
As a Senior Security Analyst, you will lead security efforts to acquire and maintain industry certifications and design solutions that enable Chainalysis’ security goals, and collaborate directly with engineering teams to work quickly and securely. You will be responsible for defining the implementation of technical compliance capabilities and lead efforts to provide transparency to customers, prospects and other stakeholders. This role is focused on our Trust frameworks (SOC, FedRAMP, CMMC etc.) and also on contributing to our compliance engineering initiatives in the future across multiple industry and regulatory frameworks.
In this role, you’ll:
Partner with engineers to interpret and map compliance requirements to control implementation and assist with both product architecture and professional services organizational requirements.
Directly facilitate operational and regulatory outcomes across our US Public Sector and Global Government client portfolio, including FedRAMP, DoD IL5, and CMMC continuous monitoring and compliance audits.
Propose and implement ideas for operation improvements and facilitate automation for procedural compliance controls.
Guide technical and operational decision-making towards future product and services offerings to promote manageable, scalable, and efficient organizational processes.
Evaluate and advise the business on new and evolving global certification programs, requirements, and technologies.
Professionally handle communications with internal and external stakeholders on compliance issues or efforts
Manage and participate in audits, as appropriate.
We’re looking for candidates who have:
5+ years experience with compliance audits (FedRAMP, ISO, SOC2, etc.) and prior US Government compliance and audit experience (FedRAMP, FISMA, NIST 800-53, NIST 800-171, US Government ATOs, etc).
Proficiency with security concepts (encryption, authentication, etc.) and tooling for continuous monitoring (Nessus SecurityCenter, Burp, Jira, Splunk, etc.).
Experience implementing security controls and assessing compliance in distributed applications on cloud infrastructure (e.g Amazon AWS, GCP).
Experience managing external stakeholders and customer relationships as it relates to security and trust
Experience leading Security Compliance programs scoped to a global customer base
Developed or assessed SOC, ISO, FedRAMP, or other industry related compliance programs including understanding how to articulate controls and how to design effective compensating controls at the product or organization level, when necessary
Have exposure to compliance and regulatory regimes (e.g. FedRAMP, GDPR, HIPAA, ISO 27001, PCI DSS).
Technologies we use:
FedRAMP
NIST 800-53
NIST 800-171
ISO
SOC2
AWS
To provide greater transparency to candidates, we share base salary ranges for all United States based job listings. We set standard base salary ranges for all roles based on function, level, and location, benchmarked against technology companies. Individual pay decisions are based on a number of factors, including qualifications for the role, relevant work experience, skillset, internal equity, and other factors, consistent with applicable law. The salary range for this position is $88,200 - $126,000 - $163,800Base salary is just one part of our total rewards package which additionally includes equity, performance bonus or commissions for eligible roles, and competitive benefits. This position is ineligible for visa sponsorship.
About Chainalysis
Blockchain technology is powering a growing wave of innovation. Businesses and governments around the world are using blockchains to make banking more efficient, connect with their customers, and investigate criminal cases. As adoption of blockchain technology grows, more and more organizations seek access to all this ecosystem has to offer. That’s where Chainalysis comes in. We provide complete knowledge of what’s happening on blockchains through our data, services, and solutions. With Chainalysis, organizations can navigate blockchains safely and with confidence.
You belong here.
At Chainalysis, we believe that diversity of experience and thought makes us stronger. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. Some of the ways we’re ensuring we keep learning are an internal Diversity Committee, Days of Reflection throughout the year including International Women’s Day, Harvey Milk Day, World Humanitarian Day, and UN International Migrants Day, and a commitment to continue revisiting and reevaluating our diversity culture. We encourage applicants across any race, ethnicity, gender/gender expression, age, spirituality, ability, experience and more.
If you need any accommodations to make our interview process more accessible to you due to a disability, don't hesitate to let us know. You can learn more here. We can’t wait to meet you.