Security Risk and Compliance Analyst
Unqork empowers enterprises to accelerate growth by rapidly building, testing, and running AI-powered applications that embody the future of enterprise development. Trusted by the world’s largest organizations in highly regulated industries, these applications become more secure over time while significantly reducing technical debt—allowing businesses to focus on innovation rather than maintenance. Unqork’s customers include Goldman Sachs, Marsh, BlackRock, and the U.S. Department of Health and Human Services.
At Unqork, we value inclusive and innovative thinkers who boldly challenge the status quo. We encourage you to apply!
The Impact U will make:
You will be a member of the Unqork Security Risk Management team and work directly with Information Security, Engineering, Sales, IT, Finance, and Platform Teams
Contribute to security and enterprise risk management by identifying and analyzing security risks and assisting in remediation efforts
Manage the risk register and control enhancement forum tickets.
Maintain security policies, procedures, and awareness training materials
Maintain a risk and control framework with automated and continuous control monitoring
Run user access reviews and new access approval workflow automation and processes
Own the security and privacy vendor and supply chain risk management review and assessment processes
Manage customer security question triage and RFP responses with automation
Conduct business impact analysis and continuity exercises across the company
Enhance and maintain Unqork Trust Portal and due diligence packages
Produce key security and risk performance and compliance metrics for executive reporting
Support annual SOC 2 Type 2 and ISO 27001 assistance and support during yearly assessments and continuous monitoring of controls
Support FedRAMP Security Assessment Framework compliance maintenance
Enhance Privacy regulation self assessments and compliance monitoring
What U bring:
3+ Years of relevant privacy and security compliance, risk, and governance experience - experience at a SaaS and cloud-first company preferred.
Proficiency in security and privacy principles, best-practices, frameworks and regulations (i.e. Proficiency in NIST risk assessment methodologies, ISO 27001, SOC 1, SOC 2, DORA, GDPR).
Knowledge of AWS, Azure, and GCP cloud security architecture and controls.
Deep understanding of ISO 27001 and SOC 2 audit processes.
Knowledge of privacy regulations and data protection US and global requirements..
Incident response and mitigation management and knowledge.
Continuous improvement mindset and ability to enhance processes
Drives process automation to streamline workflows and reduce manual effort.
Awareness of security training techniques and methods and ownership of security and privacy training program development.
Experience with project management and GRC tools
Ability to analyze security issues and recommend solutions.
Effective communication skills for collaborating with internal teams and clients.
Enhanced problem-solving skills for risk scenarios.
Eager to develop relationships with internal stakeholders.
Time management skills for balancing multiple tasks.
Ability to independently handle assigned responsibilities.
Eagerness to stay updated with industry trends and emerging threats.
Compensation, Benefits, & Perks
💻 Work from home with a remote-first community
🏝 Unlimited PTO (and the encouragement to use it)
📝 Student loan payback program
🏥 100% employer-covered medical, dental, and vision options available to you and your dependents
💸 Flexible Spending Account (FSA)
🏠 Monthly stipend toward your WFH setup, vacation, development and more
💰 Employer-sponsored 401(k) with contribution match
🏋🏻♀️ Subsidized ClassPass Membership
🍼 Generous Paid Parental Leave
💲 Hiring Ranges:
Tier 1: $80,800 - $101,000 base salary
Tier 2: $72,700 - $90,900 base salary
Unqork employs a market-driven approach to establish compensation ranges. In addition to a base salary, employees may also be eligible to receive a target incentive and company equity in the form of stock options.
An employee’s compensation within the range provided above depends on a variety of factors including, but not limited to, their location, role, skillset, level of experience, and similar peer salaries.
As a remote-first company, Unqork incorporates a geographic differential into our compensation structure, depending on the candidate’s location. We utilize a tiered system—Tier 1 and Tier 2—to accurately reflect local market rates and ensure our compensation packages are both fair and competitive. Our geographic tiers are defined as follows:
Tier 1: New York Metro, Seattle Metro, San Francisco Bay Area
Tier 2: All other US and US territory locations
Unqork embraces a culture of security and privacy awareness by consistently safeguarding sensitive information, adhering to company policies, and actively participating in training and initiatives to protect our data and the privacy of our stakeholders.
Unqork is an equal opportunity employer. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age.
#LI-AR1
About the job
Apply for this position
Security Risk and Compliance Analyst
Unqork empowers enterprises to accelerate growth by rapidly building, testing, and running AI-powered applications that embody the future of enterprise development. Trusted by the world’s largest organizations in highly regulated industries, these applications become more secure over time while significantly reducing technical debt—allowing businesses to focus on innovation rather than maintenance. Unqork’s customers include Goldman Sachs, Marsh, BlackRock, and the U.S. Department of Health and Human Services.
At Unqork, we value inclusive and innovative thinkers who boldly challenge the status quo. We encourage you to apply!
The Impact U will make:
You will be a member of the Unqork Security Risk Management team and work directly with Information Security, Engineering, Sales, IT, Finance, and Platform Teams
Contribute to security and enterprise risk management by identifying and analyzing security risks and assisting in remediation efforts
Manage the risk register and control enhancement forum tickets.
Maintain security policies, procedures, and awareness training materials
Maintain a risk and control framework with automated and continuous control monitoring
Run user access reviews and new access approval workflow automation and processes
Own the security and privacy vendor and supply chain risk management review and assessment processes
Manage customer security question triage and RFP responses with automation
Conduct business impact analysis and continuity exercises across the company
Enhance and maintain Unqork Trust Portal and due diligence packages
Produce key security and risk performance and compliance metrics for executive reporting
Support annual SOC 2 Type 2 and ISO 27001 assistance and support during yearly assessments and continuous monitoring of controls
Support FedRAMP Security Assessment Framework compliance maintenance
Enhance Privacy regulation self assessments and compliance monitoring
What U bring:
3+ Years of relevant privacy and security compliance, risk, and governance experience - experience at a SaaS and cloud-first company preferred.
Proficiency in security and privacy principles, best-practices, frameworks and regulations (i.e. Proficiency in NIST risk assessment methodologies, ISO 27001, SOC 1, SOC 2, DORA, GDPR).
Knowledge of AWS, Azure, and GCP cloud security architecture and controls.
Deep understanding of ISO 27001 and SOC 2 audit processes.
Knowledge of privacy regulations and data protection US and global requirements..
Incident response and mitigation management and knowledge.
Continuous improvement mindset and ability to enhance processes
Drives process automation to streamline workflows and reduce manual effort.
Awareness of security training techniques and methods and ownership of security and privacy training program development.
Experience with project management and GRC tools
Ability to analyze security issues and recommend solutions.
Effective communication skills for collaborating with internal teams and clients.
Enhanced problem-solving skills for risk scenarios.
Eager to develop relationships with internal stakeholders.
Time management skills for balancing multiple tasks.
Ability to independently handle assigned responsibilities.
Eagerness to stay updated with industry trends and emerging threats.
Compensation, Benefits, & Perks
💻 Work from home with a remote-first community
🏝 Unlimited PTO (and the encouragement to use it)
📝 Student loan payback program
🏥 100% employer-covered medical, dental, and vision options available to you and your dependents
💸 Flexible Spending Account (FSA)
🏠 Monthly stipend toward your WFH setup, vacation, development and more
💰 Employer-sponsored 401(k) with contribution match
🏋🏻♀️ Subsidized ClassPass Membership
🍼 Generous Paid Parental Leave
💲 Hiring Ranges:
Tier 1: $80,800 - $101,000 base salary
Tier 2: $72,700 - $90,900 base salary
Unqork employs a market-driven approach to establish compensation ranges. In addition to a base salary, employees may also be eligible to receive a target incentive and company equity in the form of stock options.
An employee’s compensation within the range provided above depends on a variety of factors including, but not limited to, their location, role, skillset, level of experience, and similar peer salaries.
As a remote-first company, Unqork incorporates a geographic differential into our compensation structure, depending on the candidate’s location. We utilize a tiered system—Tier 1 and Tier 2—to accurately reflect local market rates and ensure our compensation packages are both fair and competitive. Our geographic tiers are defined as follows:
Tier 1: New York Metro, Seattle Metro, San Francisco Bay Area
Tier 2: All other US and US territory locations
Unqork embraces a culture of security and privacy awareness by consistently safeguarding sensitive information, adhering to company policies, and actively participating in training and initiatives to protect our data and the privacy of our stakeholders.
Unqork is an equal opportunity employer. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age.
#LI-AR1