Job Overview
Join our esteemed IT Security team as a GRC (Governance, Risk, and Compliance) Analyst, where you will play a pivotal role in safeguarding our organization through effective security compliance and risk management. This remote position offers you the opportunity to collaborate with diverse teams across the organization, ensuring adherence to security policies and regulatory standards while contributing to our robust security posture.
Key Responsibilities
- Support the development, review, and enforcement of security policies, standards, and procedures aligned with business objectives and regulatory requirements.
- Identify, evaluate, and document IT security risks, implementing strategies for risk mitigation and tracking their progress.
- Assist in internal and external audits by preparing essential documentation, maintaining compliance checklists, and addressing audit findings.
- Collaborate with the IT Security team to design and deliver engaging security awareness training and initiatives for staff.
- Contribute to the formulation of incident response protocols and participate in post-incident evaluations to ensure comprehensive management and analysis of security incidents.
- Act as a liaison between the organization and auditors, supplying necessary evidence and support for audit responses.
- Gather risk and compliance metrics for senior management, providing regular updates on GRC activities, risks, and trends.
- Undertake annual regulatory compliance training and remain informed on the latest advancements in IT security practices.
- Execute additional related duties as assigned.
Required Skills
- Bachelor's degree in Information Technology, Cybersecurity, or a related discipline, or equivalent professional experience.
- 2-4 years of experience in IT governance, risk management, and compliance.
- Proficient understanding of security frameworks such as ISO 27001 and NIST.
- Familiarity with risk assessment tools and methodologies.
- Knowledge of regulatory compliance standards, including SOC 2.
- Exceptional communication skills, capable of conveying complex information clearly to both technical and non-technical stakeholders.
- Strong analytical and problem-solving abilities.
- Relevant certifications (CISA, CRISC, CISSP) are advantageous.
Career Growth Opportunities
We are committed to fostering your professional development and continuous learning, enabling you to enhance your skills and expertise in IT security, compliance, and risk management.
Company Culture And Values
Our organization thrives on collaboration, where teamwork and open communication are highly valued. We are dedicated to creating an inclusive environment that encourages innovation and compliance awareness across all teams.
Compensation And Benefits
This position offers a competitive salary commensurate with experience, along with a comprehensive benefits package that includes health, dental, and vision insurance, a retirement savings plan with company matching, and generous vacation and paid time off policies.
Employment Type: Full-Time