Sr. GRC Analyst

📋 Description

• Conduct IT control walkthroughs across ISO 27001, PCI-DSS, SOC 1/2
• Partner with teams to design and improve control processes and docs
• Support vendor assessments against security and privacy standards
• Develop and maintain information security policies and standards
• Participate in IT SOX scoping, risk assessment, and control design
• Prepare status reports on control findings and remediation progress

🎯 Requirements

• Experience in security/IT audit and risk management with control frameworks
• Knowledge of NIST, ISO 27001, SOC 1/2, PCI-DSS
• Familiarity with cloud platforms (AWS, Azure, GCP) and cloud security controls
• Strong analytical and problem-solving skills to assess complex controls
• Collaborative, cross-functional team player with initiative
• Excellent written and verbal communication

🎁 Benefits

• 100% employer-paid medical insurance
• Generous PTO, holidays, parental leave, and sick time
• RSU stock grants
• Professional development and training opportunities
• Company virtual happy hours, free food, and team-building activities
• Monthly cell phone stipend