LTK · 21 hours ago
Security GRC Sr Analyst I
United States
Full-time
Remote
Senior Level
5+ years expLTK is a global technology platform that empowers lifestyle creators to monetize their content. The Security GRC Sr Analyst I will collaborate with cross-functional teams to ensure compliance with security standards, manage risk assessments, and lead security awareness programs.
Brand MarketingFashionInternetMarketingMobile Apps
No H1B
Responsibilities
Maintain a centralized repository of security controls and requirements
Map internal controls to relevant regulatory frameworks and standards (e.g., SOC 2, GDPR, CCPA, PCI-DSS)
Serve as the primary point of contact for customer security questionnaires and vendor contract reviews
Articulate our security posture to external partners and clients to support sales enablement
Coordinate internal and external compliance audits
Manage the evidence collection process and track audit findings (issues) to remediation, ensuring timely closure of gaps
Lead security risk assessments for new projects, technologies, and vendors
Guide stakeholders through the process of identifying threats and vulnerabilities
Maintain the corporate risk register
Track identified risks, mitigation plans, and risk acceptance decisions to ensuring leadership has visibility into the organization's risk landscape
Oversee the third-party risk management program
Assess the security posture of vendors and partners, monitoring for changes in their risk profile throughout the relationship lifecycle
Measure and report on the overall maturity of the security program against established goals and KPIs
Own the lifecycle of information security policies, standards, and procedures
Review, update, and publish documentation to ensure it accurately reflects LTK's security commitments and aligns with industry best practices (e.g., NIST, ISO 27001)
Collaborate with technical teams to translate complex security requirements into clear, accessible policy language
Develop and deliver engaging security awareness training materials
Orchestrate and analyze simulated phishing campaigns
Use data from these campaigns to identify vulnerable user groups and tailor training interventions accordingly
Qualification
Required
5+ years of relevant experience in a Cyber Security Risk and Compliance
Deep understanding of common security frameworks and standards such as NIST CSF, ISO 27001, SOC 2, and PCI-DSS
Excellent written and verbal communication skills. You must be able to explain complex security risks to non-technical stakeholders and leadership
Bachelor's degree in Computer Science, Information Systems, Business Administration, or equivalent work experience
Preferred
CISA
CISSP
CRISC
CISM
A mindset focused on seizing opportunities and moving with urgency
Dedication to fierce prioritization and operational excellence
Adaptability to a dynamic, fast-moving environment
A growth mindset and openness to feedback
Benefits
401(k) with LTK company matching
Medical Insurance, Vision Insurance, Dental Insurance
Paid Maternity Leave and Paid Paternity Leave
Summer Fridays and Flexible PTO
Company
LTK
LTK is a marketing company that offers retail sales and shopping apps.
501-1000 employees
Funding
Current Stage
Late StageTotal Funding
$315MKey Investors
SoftBank Vision FundMaverick Ventures
2021-11-22Series Unknown· $300M
2015-06-30Series A· $15M
2012-04-10Angel
Leadership Team
Baxter Box
Co-Founder, CEO
Amber Venz Box
President
Recent News
2025-12-30
Global Cosmetic Industry Magazine
2025-09-30
MarketScreener
2025-09-26
Company data provided by crunchbase