GRC & Security Specialist - East Coast

Description

Our story:

We’re anecdotes; a dynamic B-round startup founded in June 2020, who’s revolutionizing the Compliance Automation landscape for hyper-growth companies. At the heart of our mission is the belief that credible, visible, and actionable data should empower every GRC team's decision-making. Imagine a world where enterprises seamlessly collect and standardize data from hundreds of SaaS tools, cloud infrastructures, private networks, databases, and more. We bring that vision to life, providing continuous, real-time visibility into their Security Compliance posture.

What You'll Do:

• Assist in automating access revocation workflows to ensure timely and secure offboarding processes.
• Support configuration and monitoring of email security, including spam filters and phishing alerts.
• Track, escalate, research and triage InfoSec alerts and contribute to the development of continuous audit playbooks.
• Help define and maintain controls and evidence across compliance frameworks within Anecdotes platform ensuring completeness and ongoing monitoring.
• Routine upkeep of risk register, link risks to controls, and participate in regular risk review meetings.
• Create and monitor tasks tied to compliance requirements and controls within Anecdotes platform to support audit readiness and operational tracking.
• Conduct initial vendor security reviews and manage ongoing monitoring under the Vendor Management Framework.
• Support the creation and refinement of internal playbooks to guide recurring InfoSec and GRC processes.

Who You Are: 

A detail oriented and curious professional eager to grow within the intersection of cybersecurity, GRC, and automation. You likely have:

• ISO27001 Lead Auditor, AI Security Fundamentals, ISC2 Certified in Cybersecurity, CompTIA Security+
• Completed Internal Audit, facilitated external audit - Must have
• Based in East Coast US - Must
• A strong interest in GRC, InfoSec, or IT operations, ideally with some academic or practical exposure.
• Foundational knowledge of compliance frameworks (e.g., SOC 2, ISO 27001, or NIST) or risk management principles.
• Familiarity with cloud environments, SaaS tools, or cybersecurity alerting is a plus.
• A proactive mindset with the ability to manage multiple tasks, follow through on assignments, and pay close attention to detail.
• Comfort working in a startup culture; adaptable, collaborative, and motivated to learn.
• Strong communication and documentation skills.

Above all, you're excited to join a company that's not only shaping the future of GRC but also values your voice, contributions, and professional development.

Our playground 

anecdotes is a place where your ideas are heard, your contributions are valued, and your professional growth is a priority. Join us, and be part of a team that's not only shaping the future of GRC solutions but also redefining the way we work together.

Our story

None

What You'll Do

None

Requirements

None

Our playground

None

Summary

None

Slug

None