Senior Security GRC Analyst at Lambda
This role will focus on validating and verifying the organization’s security controls across ISO 27001, 27701, PCI, SOC 2 and other regulatory frameworks to ensure alignment with business objectives. The position requires presence in the San Francisco or San Jose office 4 days per week; the work‑from‑home day is Tuesday.
Base pay range $154,000.00/yr - $231,000.00/yr
What You’ll Do
Validate and verify the organization’s security controls meet ISO 27001, 27701, PCI, SOC 2, and other regulatory requirements.
Manage the IT Risk Register: identify, track, and prioritize risks.
Drive remediation of control deficiencies and gaps.
Guide Control Owners in planning, designing, implementing, operating, maintaining, and remediating control activities and supporting requirements.
Communicate with technical and non‑technical stakeholders on cybersecurity risk and controls management topics and program‑specific reporting.
Assume responsibility for the Customer Trust program, including managing customer assessments and security questionnaires.
Assist control owners with root‑cause analysis and track risk‑management action‑plan progress.
Create risk metrics for management regarding information security control maturity, compliance status, risks, and performance.
Assist with third‑party risk management assessment process, ensuring consistent enforcement of information‑security requirements.
You
Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs.
In‑depth knowledge of ISO 27001, 27701, PCI‑DSS, SOC, NIST CSF and other regulatory requirements.
Experience managing and running audits, certification programs, and control assessments, including scope planning, control testing, and mapping issues to risks.
Collaborated closely with engineers, business teams, and security partners (incident response, red teams, architects) to integrate cybersecurity controls into daily operations.
Strong ability to define, drive, and execute a program vision, strategy, approach, and milestones aligned with organizational priorities.
Nice to Have
Experience in the machine‑learning or computer‑hardware industry.
Experience with Security by Design and/or Privacy by Design principles.
Familiarity with standard cyber‑control frameworks (CIS Top 18, NIST CSF, NIST 800‑53, 800‑171, CMMC, ISO 27001, 27701, SOX ITGC).
Broad knowledge of IT infrastructure and architecture, including OS, networks, databases, ERP systems.
Familiarity with third‑party tools (AuditBoard, Whistic, RSA Archer, ServiceNow).
Certifications: CISA, CISM, CISSP, CRISC.
Experience with AI infrastructure, machine‑learning, and/or computer‑hardware industry.
Salary Range Information
The annual salary range for this position has been set based on market data and other factors. A salary above or below this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description.
About Lambda
Founded in 2012, ~400 employees (2025) and growing fast.
We offer generous cash & equity compensation.
Investors include Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In‑Q‑Tel, KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, US Innovative Technology, Gradient Ventures, Mercato Partners, SVB, 1517, Crescent Cove.
We are experiencing extremely high demand for our systems, with quarter‑over‑quarter, year‑over‑year profitability.
Our research papers have been accepted at top machine‑learning and graphics conferences (NeurIPS, ICCV, SIGGRAPH, TOG).
Health, dental, and vision coverage for you and your dependents.
Wellness and commuter stipends for select roles.
401k plan with 2% company match (USA employees).
Flexible Paid Time Off Plan that we all actually use.
A Final Note
You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills.
Equal Opportunity Employer
Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation, gender identity, genetic information, veteran status, citizenship or any other factor prohibited by law.