Senior Information Security GRC Analyst

📋 Description

• Manage Branch Information Security Program and internal controls across functions.
• Champion security awareness and align with regulatory frameworks.
• Map controls to PCI, SOC 2, ISO 27001, NIST CSF, CCPA.
• Conduct gap analyses to identify deficiencies and improvements.
• Manage risk and vulnerability assessments, validation testing, and audits.
• Oversee the Drata GRC platform: data updates, audit evidence, and Trust Center access.

🎯 Requirements

• 5-7 years of experience in a similar role.
• 3+ years conducting audits (SOC 2, PCI, ISO 27001) and responses.
• Excellent communication skills.
• Knowledge of GRC tools and best practices (Drata, HyperProof, AuditBoard, OneTrust).
• Familiarity with SOC 2, PCI, NIST CSF, ISO 27001, CCPA requirements.
• CISA, CISM or working toward certification.

🎁 Benefits

• Market-leading medical, dental, and vision insurance.
• Stock options
• Free Premium-Tier Origin Financial Wellness subscription
• Monthly home-office stipend
• 401k (TransAmerica)
• 12-weeks paid parental leave for birthing and non-birthing parents