Senior Compliance Analyst

Job not on LinkedIn

🔥 0 minutes ago

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of AlphaSense

AlphaSense

1001 - 5000 employees

Founded 2011

🤖 Artificial Intelligence

💸 Finance

🏢 Enterprise

💰 Debt Financing on 2022-06

Artificial Intelligence • Finance • Enterprise

AlphaSense is a market intelligence and search platform that empowers companies to unlock critical insights across an extensive universe of public and private content, including company filings, broker research, expert calls, and market trends. Its AI-driven technology affords users the ability to conduct comprehensive due diligence with speed and accuracy, reducing uncertainty and blind spots in decision-making. Trusted by major corporations, financial institutions, and asset management firms globally, AlphaSense serves sectors such as financial services, health care, and technology by providing generative AI-powered solutions that integrate internal proprietary data with external premium content.

📋 Description

• Own the full evidence collection lifecycle across all active audit and continuous compliance cycles. Coordinate with control owners to gather, validate, and organize evidence artifacts in the GRC platform (Drata or equivalent). Use AI-assisted workflows to pre-stage evidence, flag stale artifacts, and reduce the manual burden on engineering and IT teams—making it easier for control owners to do this right than to skip it. • Serve as the primary operational point of contact for external auditors during Stage 1, Stage 2, and surveillance audits. Manage auditor portals, respond to RFIs, track open items to closure, and ensure auditors leave each engagement with a complete, accurate view of how AlphaSense's controls operate in practice. Findings get closed before they become repeat findings. • Perform ongoing monitoring and periodic testing of implemented controls. Document control effectiveness, identify gaps, and work with control owners to remediate deficiencies on defined timelines. Map findings to applicable framework requirements across SOC 2, ISO 27001, and ISO 42001. Contribute to transitioning point-in-time control testing toward continuous, automated validation. • Maintain and update security policies, standards, and procedures to keep them aligned with current operational reality and framework requirements. Ensure documentation is version-controlled, accessible, and demonstrably distributed and attested to—satisfying auditor requirements without relying on static PDFs or manual tracking. • Identify and implement opportunities to use AI tools to streamline evidence gathering, control narrative drafting, audit preparation, and gap analysis. Operate in a human-in-the-loop model: AI accelerates the work, you validate for accuracy, completeness, and confidentiality before anything ships. Actively share what works with the broader GRC team. • Support compliance efforts related to AI regulations and standards including EU AI Act, ISO 42001, and NIST AI RMF. Assist with risk assessments, documentation, and audit evidence for AI governance controls. Collaborate with Engineering and Product to ensure secure and responsible use of generative AI tools across the organization. • Partner with Engineering, IT, Legal, and Product to ensure control ownership is clear, evidence is readily available, and compliance requirements are embedded into operational processes—not bolted on at audit time. Provide risk and control guidance on post-implementation reviews and remediation activities. Help stakeholders interpret requirements and build controls into how they actually work.

🎯 Requirements

• 6+ years of experience in GRC, information security, risk management, or IT audit, preferably in a SaaS or cloud-native environment • Strong understanding of security and compliance frameworks including SOC 2, ISO 27001, NIST CSF 2.0, and CIS Controls; working knowledge of ISO 42001 and NIST AI RMF • AI-native mindset: you use AI tools—LLMs, agents, automation—for real, substantive work including analysis, drafting, evidence gathering, and workflow automation. You apply judgment about where AI creates leverage and where a human must stay in the loop • Proficiency with GRC platforms for evidence management and control testing (Drata, Vanta, AuditBoard, ServiceNow GRC, or equivalent) • Familiarity with cloud environments (AWS, Azure, or GCP) and the security and compliance posture tooling that runs on them (CSPM, SIEM, identity platforms) • Experience supporting external audits across security or privacy domains, including evidence collection, control walkthroughs, and auditor interaction • Ability to interpret technical controls and translate findings into compliance, risk, and policy documentation that engineers and non-technical stakeholders both understand • Working knowledge of risk registers, control libraries, and policy governance lifecycles • Working knowledge of privacy and data protection requirements (GDPR, CCPA/CPRA) and how they intersect with security controls, in partnership with Legal and Product teams • Strong written communication, analytical thinking, and attention to detail; able to produce clear audit responses, risk narratives, and control documentation under deadline • Hands-on experience managing end-to-end audit evidence collection across ISO 27001, SOC 2 Type II, or equivalent frameworks in a SaaS or cloud environment • Direct operational experience working with external auditors as the primary compliance or audit liaison—walkthroughs, RFI responses, finding management • Automation-first mentality with demonstrated experience working in an organization that has implemented automated evidence collection—you default to building workflows over doing things manually, and you actively improve the automation rather than working around it • Demonstrated use of AI tools (LLMs, AI-assisted GRC workflows) to accelerate compliance work: drafting, research, evidence review, or gap analysis—with a clear practice of validating AI output before it ships • Experience maintaining policy governance lifecycles from drafting through distribution, attestation, and version control • Strong organizational skills and ability to manage multiple concurrent audit workstreams without losing detail.

Apply Now

Similar Jobs

🔥 6 hours ago

ICON plc

10,000+ employees

💊 Pharmaceuticals

🧬 Biotechnology

⚕️ Healthcare Insurance

Manager of Regulatory Affairs at ICON handling regulatory guidance and submissions for drug development. Leading teams and collaborating to develop best practices in regulatory processes.

🔥 14 hours ago

OpenFX

1 - 10

💳 Fintech

🏦 Banking

🛍️ eCommerce

Compliance Operations Lead overseeing compliance workflows across markets and ensuring regulatory adherence at fintech startup. Leading Compliance Ops team while operationalizing policies and standards.

🕒 5 days ago

QAD

1001 - 5000

🏢 Enterprise

☁️ SaaS

Senior Process and Compliance Analyst at QAD managing compliance activities and internal audits. Ensuring adherence to industry standards in cybersecurity and process management.

🕒 5 days ago

Empower

10,000+ employees

💸 Finance

💳 Fintech

👥 B2C

Sr Analyst providing support for monitoring personal trading activity at Empower. Collaborating with business partners to execute Compliance processes and regulatory research.

🕒 6 days ago

Sprinto

51 - 200

Senior GRC Consultant driving compliance for federal and complex frameworks at Sprinto. Leading delivery of security and risk assessments for clients across the federal space.