Senior Security GRC Analyst

📋 Description

• Conduct risk assessments for security issues across Information Security, Technology, and Corporate Engineering, and recommend actions.
• Perform security control testing; assess design/effectiveness; track remediation to closure.
• Partner with engineering leaders and CISOs to report risk posture aligned with standards and regulatory requirements.
• Support regulatory exams/audits and due diligence, including SOC and ISO engagements; coordinate responses.
• Monitor and report risk metrics to identify gaps and strengthen governance.
• Contribute to automation and AI-enabled improvements within GRC to streamline testing and reporting.

🎯 Requirements

• Bachelor’s degree in CS/Engineering/Info Systems/Finance or related field.
• 5+ years in security, tech risk, audit, or governance, risk, and compliance in regulated industries.
• Experience with control testing, risk assessments, and SOC 2/ISO regulatory exams.
• Knowledge of policies and standards to support risk management and exception governance.
• Ability to communicate with senior leaders and guide remediation discussions.
• Experience with GRC platforms and standard productivity tools.
• Strong organizational skills; able to work independently while managing multiple priorities.

🎁 Benefits

• Challenging, high-impact work to grow your career.
• Performance-based pay with bonuses, equity, and 401(k) matching.
• 100% paid health insurance for employees; 90% coverage for dependents.
• Lifestyle wallet—flexible benefits spending for wellness and learning.
• Employer-paid life and disability insurance, fertility benefits, and mental health benefits.
• Generous time off including holidays, PTO, sick time, and parental leave.