GRC Analyst

📋 Description

• Coordinate IT security governance, risk and compliance enterprise-wide
• Oversee security compliance activities and risk assessments
• Respond to customer/partner security compliance requests; review agreements
• Support SOC2, ISO 27001, NIST 800-53 and other standards
• Conduct audit readiness assessments and coordinate with resources
• Administer the GRC system and collaborate on issues

🎯 Requirements

• 3+ years in a GRC role; 1+ year with GRC tools (Vanta/Drata/Sprinto).
• Experience designing and implementing security policies and controls
• Experience in external security audits; SOC2 Type II preferred
• Strong knowledge of encryption, cloud security, IDS, DLP, and app security
• Excellent communication; ability to condense complex information
• CISSP, CISM, or CISA certifications preferred

🎁 Benefits

• Hybrid work model: 2-3 days in office
• Medical insurance for employee and dependents
• Life insurance protection
• Retirement match program
• PTO including sick and casual leave
• Professional development reimbursement