Senior GRC Analyst jobs in United States

Rillet · 23 hours ago

Senior GRC Analyst

Rillet is a high-growth fintech company that serves finance teams by providing AI-native ERP solutions. As a Senior GRC Analyst, you will establish the governance, risk, and compliance program, focusing on SOC 2 Type II certification and building scalable compliance processes to support product velocity.

Accounting, Artificial Intelligence (AI), Enterprise Resource Planning (ERP), Finance, Financial Services, FinTech, SaaS

Responsibilities

Own and drive our SOC 2 Type II and SOC 1 Type II certifications from scoping through audit completion, establishing controls that scale with our hypergrowth while maintaining our legendary shipping velocity
Build Rillet's compliance program including policies, procedures, and control frameworks for SOC 2, ISO 27001, GDPR, SOC 1 and financial services regulations, creating documentation that passes auditor scrutiny and actually gets used by the team
Partner with engineering leadership to implement secure development practices, conduct risk assessments, and embed security requirements into the product roadmap without becoming a bottleneck
Enable enterprise sales by leading customer security assessments, managing the security questionnaire process, and providing the documentation and confidence that closes seven-figure deals faster
Monitor and manage risk across our infrastructure, vendors, and operations, building automated compliance monitoring that gives real-time visibility into our security posture

Qualifications

SOC 2 Type II certification, ISO 27001 certification, Security compliance, Risk assessments, Cloud security, Entrepreneurial mindset, Communication skills

Required

5+ years of experience in GRC, security compliance, or information security roles, with at least 2 years leading SOC 2 or ISO 27001 certification efforts
Hands-on experience successfully completing SOC 2 Type II audits, ideally at a high-growth B2B SaaS or fintech company handling sensitive data
Deep understanding of security frameworks (SOC 2, ISO 27001, NIST CSF) and data privacy regulations (GDPR, CCPA), with the ability to translate requirements into practical controls
Technical fluency to collaborate effectively with engineering teams on security architecture, vulnerability management, and cloud security (AWS/GCP/Azure)
Track record of building compliance programs that enable fast product iteration rather than slowing teams down, with a bias toward automation and scalable processes
Exceptional communication skills with the ability to translate complex security concepts for executives, engineers, and customers alike
Entrepreneurial mindset with extreme ownership—you don't need a playbook or a large team, you build what needs to exist

Benefits

Top-tier health and dental insurance, premiums partially or fully covered for you, plus 90% coverage for dependents
Flexible PTO and 9 company-wide holidays
Team offsites in incredible locations

Company

Rillet

Rillet is an AI-native ERP platform that automates accounting for complex revenue models.

Funding

Current Stage: Growth Stage
Total Funding: $108.5M
Key Investors: Sequoia Capital
2025-08-06: Series B · $70M
2025-05-28: Series A · $25M
2024-07-29: Seed · $13.5M

Leadership Team

Nicolas Kopp
CEO & Founder
Company data provided by crunchbase