
Senior Security Risk and Compliance Analyst

Nayya | New York, New York, United States | Remote, Hybrid
This job is no longer open

About Nayya


Founded in 2019, Nayya is on a mission to connect people’s most important information, so they can thrive in their health and wealth. Powered by AI and advanced analytics, Nayya’s platform transforms complex benefits experiences into intuitive, seamless, and ongoing interactions, meeting people's real-world needs. As a trusted platform and partner to leading employers, benefits solutions, and HR tech providers, Nayya unlocks long-term value through helping employees live more resilient lives.

Backed by strategic investors like ICONIQ, Felicis Ventures, SemperVirens, Workday Ventures, MetLife Nextgen Ventures, and ADP Ventures, Nayya is ushering in the future of health and wealth for all.

About the Role


We are seeking a Senior Security Risk & Compliance Analyst to lead our governance, risk, and compliance (GRC) initiatives. This role will be responsible for ensuring our organization meets regulatory and compliance requirements, managing security policies, assessing risk, and improving overall security posture. You will work closely with cross-functional teams, including Engineering, IT, and Legal, to drive security best practices and maintain trust with our customers and partners. We are looking for an expert who thrives in an environment that values impatience, excellence, resilience, and courage.

Responsibilities


  • Develop, implement, and maintain security policies, standards, and procedures aligned with industry best practices (e.g., ISO 27001, SOC 2, NIST, GDPR, HIPAA).
  • Lead and manage compliance audits, security assessments, and certifications, ensuring continuous compliance with regulatory and contractual obligations.
  • Perform security risk assessments across internal systems, vendors, and third parties, identifying potential risks and recommending mitigation strategies.
  • Collaborate with internal teams to enhance security awareness and training programs, fostering a security-first culture.
  • Oversee vendor security evaluations and third-party risk management processes.
  • Assist in incident response planning and ensure business continuity measures are in place.
  • Track security metrics and provide reports to leadership on security risks and compliance status.
  • Stay up to date with evolving security regulations, frameworks, and industry trends.

Requirements


  • 3+ years of experience in security risk management, compliance, or GRC roles.
  • Strong understanding of industry security frameworks such as ISO 27001, SOC 2, NIST, CIS, GDPR, and HIPAA.
  • Experience conducting security audits, risk assessments, and policy development.
  • Familiarity with vendor risk management and third-party security assessments.
  • Excellent communication and collaboration skills, with the ability to translate security concepts for non-technical stakeholders.
  • Strong analytical and problem-solving skills.
  • Security certifications such as CISSP, CISM, CISA, or CRISC are a plus.
  • Must be able to work onsite at our office Tuesday through Thursday each week, with the option to work remotely on Mondays and Fridays.

The salary range for New York based candidates for this role is $125,000 - $160,000. We use a location factor to adjust this range for candidates that are located outside of the geographic region of our New York office. Placement within the salary band is determined based on experience.

Nayya is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.


Life at Nayya

Nayya is a software company that helps employees promote their health and wellbeing, while maximizing financial wellness. Using data science and AI, Nayya's platform personalizes the way that employees choose and use their benefits. Nayya is backed by Social Leverage, Guardian Strategic Ventures, Cameron Ventures, and Soma Capital -- and completed a top accelerator program (ERA) in New York.

Thrive Here & What We Value

  1. Values-based culture with an emphasis on empowerment and autonomy
  2. Highly collaborative, cross-functional environment
  3. Meaningful impact on a platform that is scaling very rapidly
  4. Competitive Pay and Benefits package
  5. Equal Employment Opportunity employer
  6. VC-backed start-up with opportunities for early employees