GRC Analyst

About the team

We protect our customers and our platform. We build security into our software and processes from day one.

About the role

You will own meaningful scope in Security. You will partner across Product, Engineering, Design, Data, and GTM to ship value fast.

What you’ll do

• Secure SDLC and cloud infrastructure across the stack.
• Build detection, response, and vulnerability management.
• Run risk, controls, and audits for SOC 2 and ISO 27001.
• Enable privacy by design with Legal and Product.
• Educate teams and measure risk reduction.
• Embed secure-by-default patterns and threat modeling in your area.

First 90 days

• 30d: assess posture and priorities
• 60d: close critical findings and improve coverage
• 90d: pass an audit milestone or tabletop exercise

What you’ll bring

• Relevant experience in a similar role within SaaS or platforms
• Ability to turn ambiguity into clear plans and shipped work
• Strong collaboration across functions and comfort with data
• Clear written communication and simple, practical thinking
• Bachelor’s or higher in Computer Science, Information Security, or a related field

You’ll do well here if you

• Care about customer outcomes and craft
• Enjoy shipping fast and improving with data
• Keep things simple and raise the quality bar

Compensation and benefits

• Base 150k to 200k USD. Equity and comprehensive benefits. Local ranges apply outside the US.. Equity and comprehensive benefits. Local ranges apply outside the US.. Equity and comprehensive benefits. Local ranges apply outside the US.. Equity and comprehensive benefits. Local ranges apply outside the US.
• Competitive equity grants
• Health, time off, learning, and wellness benefits; details vary by location
• High-spec laptop and budget for your workspace

About the team

• Raise HoopAI’s security bar across the Americas deployments.
• Embed security reviews early in design and architecture.
• Maintain ISO/SOC programs and vendor assessments.
• Coach teams through secure-by-default habits.
• Evolve policies, detection, and response with measurable risk reduction.
• Partner with Legal and GTM for enterprise assurance and audits.

What you'll do

• Run reviews, threat models, and drive secure defaults.
• Collaborate cross-functionally and communicate crisply.
• Document decisions and tradeoffs for future maintainers.
• Ship iteratively with measurable impact and clear owners.
• Improve detection, response, and audit readiness.

What you'll bring

• Bachelor’s degree in Computer Science, Information Security, or related field
• Knowledge of modern threats and controls.
• Experience partnering with product/infra teams.
• Strong ownership, bias to action, and crisp communication.
• Ability to work across time zones with clear written updates.