Blockdaemon is hiring a

Web3 Senior GRC Analyst (Contract)

Position Overview

Blockdaemon is seeking a Senior GRC Analyst to join our team and support our compliance efforts and programs, specifically focused on ISO 27001 and SOC2. The Senior GRC Analyst will play a critical role in ensuring that our organization adheres to regulatory requirements, implements effective risk management practices, and maintains high standards of governance.

This person will report directly into our GRC Director, and work closely with other cross-functional teams and stakeholders in the business. The ideal candidate will have a strong background in risk management, compliance, and governance frameworks, along with excellent analytical and communication skills.

This is a 3-month contract for a US-based candidate, with the possibility of an extension.

Your Impact

• Lead the development, implementation, and maintenance of governance frameworks, policies, and procedures to ensure compliance with applicable laws and regulations.
• Conduct risk assessments and identify areas of potential risk exposure within the organization.
• Develop risk mitigation strategies and collaborate with cross-functional teams to implement controls and monitor effectiveness.
• Provide guidance and support to internal stakeholders on compliance matters, including training programs and awareness initiatives.
• Facilitate internal audits and reviews to evaluate the effectiveness of compliance programs and controls.
• Prepare and present reports to senior management and relevant stakeholders on compliance status, risk assessments, and audit findings.
• Collaborate with external auditors and regulatory agencies as needed during audits and inspections.

Role Requirements

• 3+ years of experience in IT audit, risk management, information security, and/or compliance.
• Experience with GRC platforms (e.g. ServiceNow GRC, Vanta, Drata etc.) and understanding of their implementation and management.
• Strong knowledge of industry security frameworks including related regulatory compliance requirements (ISO27001, SOC 2, NIST CSF, NIST 800-53, GDPR, etc.)
• Ability to work well under pressure, independently and collaboratively: responsiveness, accuracy, and sense of urgency are essential to this role.
• Familiarity with various enterprise SaaS applications, cloud infrastructure such as AWS, GCP and the concepts of modern software engineering practices/tools, databases, operating systems, secure network design, and other technology relevant to cybersecurity.
• A team player with strong collaboration skills and the ability to work with minimal supervision.
• Deep knowledge of cybersecurity policies, controls, standards, and best practices
• Strong eye for detail and ability to successfully manage third party audits, gather evidence and coordinate audit response.
• Strong communication, analytical and problem-solving skills capable of managing projects that drive business objectives.

Nice-to-have skills

• Bachelor's degree in Information Technology, Cybersecurity, or a related field.
• Professional certifications such as CISA, CISM, CRISC, or CISSP are highly desirable.

Apply Now: