Carta
Carta connects founders, investors, and limited partners through world‑class software tailored for venture capital, private equity and private credit. Trusted by 65,000+ companies in 160+ countries, Carta’s platform provides the software and services to build, invest, and scale with confidence.
Carta’s Fund Administration platform supports 9,000+ funds and SPVs, representing nearly $185B in assets under management. Recognized by Fortune, Forbes, Fast Company, Inc., and Great Places to Work, Carta is shaping the future of private market infrastructure.
Senior GRC Analyst II: Responsibilities
Manage and continually improve the Carta Governance, Risk, and Compliance program, aligning with security strategy and business objectives.
Develop, maintain, and lead the adoption of security policies, standards, and guidelines to ensure regulatory compliance.
Lead and coordinate internal and external security audits.
Perform security assessments of vendors, third parties, and applications.
Partner with cross‑functional teams to review initiatives that could impact compliance requirements.
Manage risk program activities including risk identification, tracking, and prioritization.
Collaborate with engineering and product teams to assess risk posture and compliance status, and support remediation activities.
Qualifications
Strong understanding and knowledge of information security and compliance frameworks such as SOC 1 & 2, ISO 27001, NIST CSF, GDPR, CCPA, FINRA, SOX, and SEC cybersecurity requirements.
Excellent judgment and ability to make balanced decisions in complex situations.
Proven understanding of public cloud infrastructure and services in AWS and GCP, including cloud‑native security protection measures, tools, and techniques.
Proven ability to collaborate with cross‑functional teams and effect change to accomplish goals.
Excellent written and verbal communication skills, including the ability to effectively communicate business and cybersecurity risk.
5+ years of experience in developing and executing governance, risk, and compliance functions.
Salary & Benefits
Salary range: $193,800 – $228,000 in San Francisco, CA; Santa Clara, CA; New York City, NY.
Salary range: $184,110 – $216,600 in Seattle, WA.
Benefits include a market‑competitive salary, equity for all full‑time roles, exceptional benefits, and, for applicable roles, commission plans.
EEO Disclosures
We are an equal‑opportunity employer and are committed to providing a positive interview experience for every candidate.
Carta uses E‑Verify in the United States for employment authorization.
For information on our data privacy policies, see Privacy, CA Candidate Privacy, and Brazil Transparency Report.
Please note that all official communications from us will come from an @carta.com or @carta‑external.com domain.
#J-18808-Ljbffr
Carta’s Fund Administration platform supports 9,000+ funds and SPVs, representing nearly $185B in assets under management. Recognized by Fortune, Forbes, Fast Company, Inc., and Great Places to Work, Carta is shaping the future of private market infrastructure.
Senior GRC Analyst II: Responsibilities
Manage and continually improve the Carta Governance, Risk, and Compliance program, aligning with security strategy and business objectives.
Develop, maintain, and lead the adoption of security policies, standards, and guidelines to ensure regulatory compliance.
Lead and coordinate internal and external security audits.
Perform security assessments of vendors, third parties, and applications.
Partner with cross‑functional teams to review initiatives that could impact compliance requirements.
Manage risk program activities including risk identification, tracking, and prioritization.
Collaborate with engineering and product teams to assess risk posture and compliance status, and support remediation activities.
Qualifications
Strong understanding and knowledge of information security and compliance frameworks such as SOC 1 & 2, ISO 27001, NIST CSF, GDPR, CCPA, FINRA, SOX, and SEC cybersecurity requirements.
Excellent judgment and ability to make balanced decisions in complex situations.
Proven understanding of public cloud infrastructure and services in AWS and GCP, including cloud‑native security protection measures, tools, and techniques.
Proven ability to collaborate with cross‑functional teams and effect change to accomplish goals.
Excellent written and verbal communication skills, including the ability to effectively communicate business and cybersecurity risk.
5+ years of experience in developing and executing governance, risk, and compliance functions.
Salary & Benefits
Salary range: $193,800 – $228,000 in San Francisco, CA; Santa Clara, CA; New York City, NY.
Salary range: $184,110 – $216,600 in Seattle, WA.
Benefits include a market‑competitive salary, equity for all full‑time roles, exceptional benefits, and, for applicable roles, commission plans.
EEO Disclosures
We are an equal‑opportunity employer and are committed to providing a positive interview experience for every candidate.
Carta uses E‑Verify in the United States for employment authorization.
For information on our data privacy policies, see Privacy, CA Candidate Privacy, and Brazil Transparency Report.
Please note that all official communications from us will come from an @carta.com or @carta‑external.com domain.
#J-18808-Ljbffr