GRC Analyst

Private markets are one of the largest, most complex, and most underserved corners of global finance. Our mission at Juniper Square is to unlock their full potential. We’re the Operations Partner trusted by 2,300+ GPs, unifying technology, data, and fund administration services into a single platform that helps GPs move faster, make better decisions, and scale with precision. With $300B+ under administration and 700,000+ LPs on platform, we’ve built the scale to match our ambition. And with JunieAI, our purpose-built AI platform, we’re reimagining how private markets operate, embedding intelligence across every workflow. Founder-led since 2014, backed by $350M+ in funding, and now 1,000+ employees strong, we’re building a company designed to shape the future of private markets for decades to come.

Our culture is built for people who want to do ambitious, meaningful work alongside exceptionally talented teammates. We think like owners, move with urgency, and take pride in solving hard problems that truly matter to our customers and the future of private markets. We believe the best ideas come from open debate, deep collaboration, and diverse perspectives, which is why we believe transparency is the default and feedback makes us stronger. If you’re energized by high standards, rapid growth, and the opportunity to help define a category at a pivotal moment, come join us!

Juniper Square offers employees a variety of ways to work, ranging from a fully remote experience to working full-time in one of our physical offices. We invest heavily in digital-first operations, allowing our teams to collaborate effectively across 27 U.S. states, 2 Canadian Provinces, India, Luxembourg, and England. We also have physical offices in San Francisco, New York City, Mumbai and Bangalore for employees who prefer to work in an office some or all of the time.

The GRC Analyst is responsible for supporting the organisation's GRC program including the third-party risk management program. The ideal candidate will have a strong understanding and experience building scalable, right-sized risk processes compliant with applicable laws and customer commitments. The successful candidate will also possess strong analytical and problem-solving skills, as well as excellent communication and interpersonal skills. This role will work closely with a broad set of cross-functional stakeholders within the company and should be able to build a rapport and influence towards appropriate risk management outcomes.

• Vendor and contractor risk assessment process during onboarding, adhering to a defined Service Level Agreement (SLA).

• Conduct annual vendor monitoring and re-assessment processes for existing vendors.

• Maintain the vendor inventory and collaborate with vendors on an ongoing basis to reduce identified risks.

• Triage incoming technical security requests for vendor application/system integrations and route to appropriate teams for input.

• Help mature the classification and management framework for critical vendors.

• Benchmark, identify, drive, and manage improvements to the vendor security risk management program.

• Develop, maintain, and analyze reporting and metrics to provide leadership with clear visibility into the vendor and third-party risk posture.

• Compliance

  • Work with cross-functional teams to procure controls evidence to provide to external auditors timely and issue reports timely.

  • Monitor and test effectiveness of compliance control health throughout the year; not just during audits

• Customer Trust

  • Maintain our trust center by keeping security documents and knowledge base up-to-date

  • Support sales teams with open security and privacy questions

  • Support customer security and privacy audits

• Policy Management

  • Update policies and procedures annually while incorporating stakeholder feedback and obtain approval

  • Define and manage incoming policy exceptions on an ongoing basis to manage associated risk

• Security and Privacy Training and Awareness

  • Develop and implement role and team specific security and privacy training working closely with key business partners.

  • Manage the roll-out, escalation and completion of all security and privacy training modules.

• Collect and report on key GRC performance metrics

• Maintain business unit risk registers with existing teams on a monthly basis to appropriately address key risks areas

• Bachelor's degree in information systems, engineering, business, risk management, or a related field

• 5+ years of security/GRC experience, including substantial experience with vendor security risk management and performing vendor security reviews/audits.

• Proven experience in managing and improving vendor security risk programs, including familiarity with vendor security questionnaires for third-party assessments.

• Direct experience, knowledge and understanding of major security frameworks, regulations, and standards such as SOC 2 and ISO 27001.

• Experience working effectively with diverse teams to influence security and compliance outcomes across the organization (e.g., Procurement, IT, Security, Engineering, Legal)

• Experience developing and maintaining scalable GRC processes

• Ability to partner with stakeholders collaboratively to implement a scalable approach to TPRM

• Excellent communication and interpersonal skills

• Prior experience with major GRC software solutions