About Clear Street:

At Clear Street, we are disrupting the institutional brokerage and clearing market by modernizing archaic industry segments with brand new technology. We’re changing the way institutional investors interact with the markets by offering an alternative to working with big banks. Our cloud-based technology empowers clients to clear, settle, and finance trading activity while accessing real-time risk and position information. We’ve built a cutting-edge technology platform that powers unprecedented real-time insights and unprecedented client efficiency. 

The Team: 

Clear Street is committed to providing simple access to markets around the world. By building a platform using modern technologies, we provide our clients an innovative, premium trading experience. As a member of the governance, risk, and compliance (GRC) team, you’ll have the opportunity to shape Clear Street’s maturing security program and influence the security foundation for all our products and services. If you’re interested in joining a high-growth, fast-paced company that is revolutionizing Wall Street, come join Clear Street.

You will:

  • Have a chance to build and grow a GRC capability from the ground up. You will help design, implement, and run our overall GRC strategy.
  • Focus as much on little “c” compliance (ie: ensuring we’re doing the right things to keep our business safe and secure) as big “C” Compliance (ie: formal audits and assessments). A good GRC function focuses on reaching the business’ security objectives, not just checking boxes.
  • Support our SOC2 and ISO27001/27701 preparation and audit activities. Also, you can help select tooling to make evidence collection bearable!
  • Perform periodic review of controls, identify weaknesses, and assist with remediation.
  • Assist in writing and maintaining our internal and external security and privacy policies.
  • Serve as a GRC subject matter expert for departments within the company.
  • Respond to inbound cybersecurity and privacy third party assessment requests.
  • Assist with our incident response tabletop exercises.
  • Be supported in your professional growth in cybersecurity and privacy.
  • Have unique opportunities for learning in a fast-growing financial startup.

Requirements:

  • Experience in GRC. That can mean a lot of things ranging from being a member of a formal GRC team to “I was the person filling out all the third party risk stuff.”
  • Detailed knowledge of a compliance frameworks such as NIST CSF, SOC 2, ISO 27001, and ISO 27701.
  • General working knowledge of core cybersecurity, privacy, and related concepts such as least privilege, cloud infrastructure and cloud SaaS, GDPR, CCPA, and security operations.
  • A desire to do GRC differently. Clear Street is focused on building a GRC function that reduces friction and supports our business needs, not building a wall of process in front of everything.

Bonus Points

  • You’ve worked GRC in a finance organization.
  • You’ve written a privacy policy that is understandable by non-lawyers.
  • Some experience with public speaking. Our security team focuses on outreach and communication and there are many opportunities to “take the stage” with internal audiences through training, table top simulations, and analysis activities.

We offer:

  • The opportunity to join a small and growing team of good people, where you can make a difference.
  • A new, high-quality code base with little technical debt and room to build new services and features.
  • A meritocratic philosophy that champions collaboration.
  • Competitive compensation, benefits, and perks.

Apply for this Job

* Required