logo inner

GRC Analyst

Ethos LifeBengaluru, IndiaOnsite

About Ethos


Ethos was built to make it faster and easier to get life insurance for the next million families. Our approach blends industry expertise, technology, and the human touch to find you the right policy to protect your loved ones. We leverage deep technology and data science to streamline the life insurance process, making it more accessible and convenient. Using predictive analytics, we are able to transform a traditionally multi-week process into a modern digital experience for our users that can take just minutes! We’ve issued billions in coverage each month and eliminated the traditional barriers, ushering the industry into the modern age.

Our full-stack technology platform is the backbone of family financial health.We make getting life insurance easier, faster and better for everyone. Our investors include General Catalyst, Sequoia Capital, Accel Partners, Google Ventures, SoftBank, and the investment vehicles of Jay-Z, Kevin Durant, Robert Downey Jr and others. This year, we were named on CB Insights' Global Insurtech 50 list and BuiltIn's Top 100 Midsize Companies in San Francisco. We are scaling quickly and looking for passionate people to protect the next million families! 

About the Role


The GRC Analyst is responsible for supporting the organization's information security governance, risk, and compliance activities. This role involves ensuring that the organization’s security policies, procedures, and practices are aligned with regulatory requirements, industry standards, and best practices. The ideal candidate will have a strong understanding of information Security & Privacy principles, Third Party Vendor Risk management, ITGC & SOC2 audit controls, and the ability to communicate complex security issues to various stakeholders.

Duties and Responsibilities:


Governance:

  • Develop, implement, and maintain information security policies and procedures.
  • Ensure alignment of security governance frameworks with business objectives and regulatory requirements.
  • Assist in the creation and maintenance of the information security governance structure.
  • Risk Management:
  • Conduct information security risk assessments and evaluate the effectiveness of existing controls.
  • Identify, assess, and document risks related to information security & privacy across the organization.
  • Conduct regular risk assessments for existing and potential vendors.
  • Monitor and report on the organization’s information security risk posture.
  • Compliance:
  • Ensure compliance with relevant information security regulations, standards, and frameworks (e.g., ISO 27001, SOC2, ITGC,  NIST, PCI-DSS, CCPA, NYDFS, HIPAA).
  • Conduct regular security compliance assessments and audits.
  • Track and report on compliance gaps and work with relevant teams to address deficiencies.
  • Stay current on emerging security regulations and industry best practices.
  • Develop and deliver information security awareness and training programs to staff at all levels.
  • Reporting and Documentation:
  • Maintain comprehensive and accurate documentation related to information security governance, risk, and compliance.
  • Prepare and present reports on the organization’s information security activities, risk assessments, and compliance status to senior management.
  • Ensure all documentation is up-to-date and in compliance with regulatory and organizational requirements.

    • Qualifications and Skills:


    • Bachelor’s degree in Information Security, Computer Science, Cybersecurity, or a related field.
    • 3+ years of experience in information security, risk management and compliance.
    • Strong knowledge of information security frameworks, standards, and regulations (e.g., ISO 27001, NIST, CCPA, PCI-DSS, NYDFS, HIPAA).
    • Experience with security & privacy risk assessment and management methodologies.
    • Extensive experience in Third Party/Vendor Risk Management (TPRM) with hands-on expertise in managing VRM tools (e.g.,OneTrust, ProcessUnity, Vanta).
    • Experience in supporting security audits (SOC2, Customer & Partners Audits) - At least 2 complete audit cycles of SOC2. 
    • Excellent communication skills, with the ability to convey complex security concepts to non-technical stakeholders.
    • Relevant certifications such as ISO 27001 LA LI, CISA, CRISC are highly desirable.

    #LI-DG1#LI-HybridDon’t meet every single requirement? If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. At Ethos we are dedicated to building a diverse, inclusive and authentic workplace.We are an equal opportunity employer who values diversity and inclusion and look for applicants who understand, embrace and thrive in a multicultural world. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

    Pursuant to the SF Fair Chance Ordinance, we will consider employment for qualified applicants with arrests and conviction records.To learn more about what information we collect and how it may be used, please refer to our California Candidate Privacy Notice.

    Life at Ethos Life

    Ethos provides modern, ethical life insurance to protect the life you're building and the people you love. Ethos is built for people who don't have time for fine print, extra doctors appointments or hidden fees. We transformed a 15-week process of paper applications and medical exams, into just the click of a button - by quantifying the user’s health risk using predictive models. Tens of thousands of customers have already experienced the future of life insurance through Ethos. Ethos is making a big splash in this massive $650B market. Our team hails from companies such as Google, Facebook, Snapchat, Instagram, Uber, and Goldman Sachs. We have raised over $100M in funding and our investors include Sequoia Capital and Accel Partners, as well as celebrity investors such as Jay-Z, Kevin Durant and Robert Downey Jr. Licenses: https://www.ethoslife.com/licenses
    Thrive Here & What We Value1. Diverse, inclusive, and authentic workplace2. Equal opportunity employer valuing diversity and inclusion3. Commitment to protecting the next million families through life insurance4. Focus on building best-in-class underwriting technology5. Making getting life insurance easier, faster, and better for everyone6. Emphasis on innovation and experimentation7. Encouragement of failure as a learning opportunity8. Strong focus on customer advocacy9. Competitive salary range ($113,000 to $189,000)10. Commitment to not discriminating based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status11. Dedication to building a diverse, inclusive and authentic workplace12. Values diversity and inclusion13. Equal opportunity employer who does not discriminate based on various characteristics14. Pursuant to the SF Fair Chance Ordinance, considers qualified applicants with arrests and conviction records15. Embraces multiculturalism16. Does not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status17. Values applicants who understand, embrace and thrive in a multicultural world18. Emphasis on growth and development for employees19. Focus on providing excellent customer service20. Commitment to building a diverse, inclusive, and authentic workplace21. Values teamwork and collaboration22. Encourages open communication and feedback23. DataDriven Decision Making24. Emphasis on operational excellence25. Constant improvement and optimization26. Focus on building real-time data pipelines27. Commitment to maintaining change control for data infrastructure28. A/B Test Framework and Reporting
    View more
    Your tracker settings

    We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

    By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

    logo innerThatStartupJob
    Discover the best startup and their job positions, all in one place.
    Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
    AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
    Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
    CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
    Copyright © 2024