At Starburst, we are working to dismantle the status quo of data silos and vendor lock-in every single day. For decades, database companies have held their customers hostage and we believe that’s just plain wrong. Starburst offers a full-featured data lake analytics platform, built on open source Trino. Our platform includes all the capabilities needed to discover, organize, and consume data without the need for time-consuming and costly migration projects. Today more than 300 leading organizations trust us to make better decisions faster.
Though Starburst has raised $414M in venture funding from top investors, we were founded in a rather unusual way as we bootstrapped the business with customers and revenue from the very beginning! We are a remote-first company with employees all over the world and are proud to be named a Best Place to Work. Come join our team of All-Stars!
About the role
As a Senior GRC Analyst on the Security Engineering team, you will be responsible for developing and implementing internal policies, procedures, and controls to manage risks and ensure compliance with industry standards and regulations. You will play a key role in overseeing security audit and governance management, conducting risk assessments, and identifying potential risks. Additionally, you will maintain and evolve the integrated cybersecurity contracts framework and programs.
As a Senior GRC Analyst at Starburst you will:
- Develop and implement internal Starburst policies, procedures, and controls to manage risks and ensure compliance with industry standards and regulations
- Oversee security audit and governance management: optimize year-round compliance, audit and regulatory efforts
- Manage and support annual SOC 2 and global ISO 27001 audits
- Support security operations processes, such as ensuring that strong processes are implemented and followed for resolving vulnerabilities and CVEs, and responding to security incidents
- Conduct risk assessments and identify potential risks
- Facilitate governance and track remediation for vulnerabilities and deficiencies and establish and implement resolutions based on risk impact and criticality
- Effectively communicate program execution status, key accomplishments, and risks to senior management both within Security and to our business partners
- Support customer inquiries and discussions, creating clarity, transparency, and confidence in Starburst’s security and compliance posture
- Review, negotiate, and redline contracts, including Data Protection Agreements (DPAs), with third-party vendors, partners, and customers to ensure data privacy and protection
- Maintain and evolve our integrated cybersecurity controls framework and programs
Some of the things we look for:
- The ability to work in a fast-paced and constantly evolving environment
- Strong technical background with a good understanding of security concepts and practical usage in Network Engineering, Network Security, Threat and Vulnerability Management, Database, SDLC, and Release Management
- Prior experience in a compliance and regulatory environment related to security and privacy including security compliance standards across industries and geographies such as ISO 27001, SOC, HIPAA, HITRUST, and FedRAMP
- Proficient in public cloud-based platforms such as AWS, Azure, and GCP as well as monitoring tools such as CSPM, Vulnerability Scanning, Log Ingestion/SIEM
- Experience implementing controls in Infrastructure as a Service (IaaS) cloud environments
- Excellent communication skills and ability to explain complex technology to diverse audiences across varying technical and business backgrounds in a way that fosters understanding and ownership
Where could this role be based?
- United States, preference for the East Coast
The base salary range for this US full-time position is $175,000 – $195,000, subject to standard withholding and applicable taxes. All candidates receive equity (ISO) and access to a comprehensive benefits offering. The base salary range reflects the minimum and maximum target for candidates across all US locations. Work location, skills, experience, and any relevant education or training determine the compensation awarded to the candidate. The Recruiting Team or Hiring Manager can share more about the specific salary range with you during the recruitment process.
Why build your career at Starburst?
We live by our three core company values (Character, Competence, and Ownership) and are a team of top performers. We are each in the driver’s seat, shaping our organization and working together towards our common mission. We are solving exceptionally complex and meaningful challenges here, and as we innovate, we each have the opportunity to build our careers alongside Starburst’s growth.
We take care of our global workforce by making sure employees enjoy competitive salaries and attractive stock grants, remote-friendly work options, flexible paid time off, and more!
Starburst Data is a diverse, equitable, and inclusive place to work. Everyone is welcome at the Starburst table and we have several employee resource groups such as Womxn At Starburst, Starburst Military, and Starburst Pride. We know that having more diverse perspectives at the table will only serve to make us a better team and company.
Starburst provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.