GRC Analyst

Posted 29 days ago

💎 Seniority level: Senior, 5+ years

💸 Salary: 80000.0 - 100000.0 USD per year

🔍 Industry: Software Development

🏢 Company: Radicle Health 👥 101-250 · Information Services, Information Technology, Health Care

🗣️ Languages: English

⏳ Experience: 5+ years

Requirements:
  • 5+ years of experience in GRC, risk management, or compliance roles.
  • Strong understanding of regulatory frameworks such as HIPAA, SOC 2, or NIST CSF.
  • Preference for expertise in compliance against NYS SSP with DOH OHIP.
  • Experience in conducting risk assessments and audits.
  • Demonstrated ability to solve problems through analytical thinking and communicate effectively with stakeholders.
Responsibilities:
  • Ensure alignment of security policies with regulatory and industry frameworks (e.g., HIPAA, SOC 2, NIST, privacy laws).
  • Support internal and external audits by gathering evidence and ensuring adherence to security controls.
  • Conduct compliance gap analyses and recommend improvements.
  • Work with stakeholders to remediate non-compliance issues.
  • Assist in developing, reviewing, and maintaining security policies, standards, and procedures.
  • Monitor third-party vendors for security risks and compliance with contractual obligations.
  • Support the development and delivery of security awareness training programs.
  • Develop metrics and reports to track compliance status, risk trends, and audit findings.
Related Jobs

🔥 GRC Analyst II
Posted 8 days ago

📍 United States

💸 110000.0 - 130000.0 USD per year

🔍 Insurance

🏢 Company: joinroot

  • 3+ years of experience in executing information security risk management activities, including risk assessment, response, and monitoring processes
  • Proficient in information security control frameworks, standards, and regulations (such as NIST CSF, PCI DSS, and insurance data security laws or similar)
  • In-depth experience designing and evaluating controls to reduce information security risk
  • Excellent problem solving skills and attention to detail
  • Experience developing reports and metrics including data analysis and data visualization
  • Self-motivated; naturally collaborative, ability to influence without direct authority
  • Proven ability to balance security with the ongoing needs of the business while maintaining compliance and meeting risk management requirements
  • Active security certification (CISM, CISSP, CIA, CISA, etc.) preferred
  • Familiarity with applying security controls in public cloud environments (e.g. AWS)
  • Contribute to the ongoing development and maturation of Root’s information security risk management processes to appropriately manage risk in alignment with the organization's risk appetite and continuously monitor the risk landscape/control environment
  • Aid in conducting risk assessments across the organization, working with a variety of teams/functions to identify, evaluate, and mitigate risks
  • Support compliance with Root’s information security regulatory requirements, performing readiness assessments, ensuring policies and controls adequately address relevant requirements, reporting on Root’s compliance status, and tracking remediation efforts as necessary
  • Assist in the ongoing development and management of Root’s information security control framework
  • Perform analysis of the information security control environment to monitor effectiveness, identify gaps, and inform compliance reporting
  • Coordinate issue management/risk mitigation activities, collaborating with teams across the organization to manage and track remediation efforts to completion
  • Maintain information security policies and standards
  • Support control design and effectiveness testing of information security controls
  • Coordinate the reporting of key metrics related to the control environment
  • Aid in responding to regulatory exams and other third-party audits
  • Contribute to the creation of a risk-aware culture and advocate for applying risk management practices and a risk-based approach to security

AWS, SQL, Cloud Computing, Cybersecurity, Data Analysis, REST API, Compliance, JSON, Risk Management, Data visualization

🔥 Cybersecurity GRC Analyst
Posted about 1 month ago

📍 US, UK, Ireland, Poland, Germany

🧭 Full-Time

💸 180000.0 - 230000.0 USD per year

🔍 Ecommerce, livestream shopping

🏢 Company: Whatnot 👥 251-500 💰 $260,000,000 Series D over 2 years ago · Internet, Marketplace, E-Commerce, Information Technology, Trading Platform, Collectibles

  • A minimum of 8+ years of relevant experience in security governance, risk, and compliance, preferably in a tech startup environment.
  • A Bachelor’s degree in Computer Science, Information Security, or a related field.
  • Deep knowledge of security best practices and industry standards, such as ISO 27001, SOC2, PCI, and GDPR/CCPA.
  • Experience at a Big 4 firm or similar reputable audit firm.
  • Experience in supporting complex third party audit projects in a cloud centric environment.
  • Excellent written communication skills with the ability to document, communicate, and report security assessments and the effectiveness of cybersecurity controls.
  • Reviewing and implementing secure configurations across various tools like Okta, Terraform, AWS, Lumos, Cloudflare, and GitHub.
  • Developing security requirements for partner teams and driving progress towards the execution of those requirements.
  • Preparing for and running external security audits.
  • Shaping the strategic direction of the Security GRC team.

AWS, Cybersecurity, Terraform, Documentation, Compliance, Risk Management

🔥 Senior Staff GRC Analyst
Posted about 1 month ago

📍 US

🧭 Full-Time

💸 195000.0 - 244000.0 USD per year

🔍 Software Development

🏢 Company: Cribl 👥 251-500 💰 $150,000,000 Series D almost 3 years ago · Real Time, Big Data, Information Technology, Software

  • 5+ years of experience building and leading fast paced GRC programs in cloud software companies
  • Strong, clear communication to all employees across multiple levels of expertise and experience.
  • Effective logical and logistical organization where needed; proficiency in using GSuite, Atlassian (primarily Jira & Confluence), and modern GRC tooling for tracking and publication, respectively; aptitude for collaboration over #slack.
  • Develop, implement, and maintain clear and comprehensive GRC policies, procedures, and standards to address risks, regulatory requirements, and compliance mandates.
  • Lead cross functional collaboration with stakeholders to ensure risk mitigation plans are integrated into day-to-day operations and risk management processes are sustainable.
  • Monitor GRC processes and identify opportunities for improvement, automation, and efficiency.
  • Work cross-functionally across the enterprise to ensure compliance and risk management objectives are achieved.

Project Management, Cross-functional collaboration

📍 State of California

🧭 Full-Time

💸 135954.0 - 171002.0 USD per year

  • Associate degree in computer science, computer engineering, information systems, or a closely related field OR equivalent.
  • 1 year of experience analyzing, installing, configuring, enhancing, and/or maintaining the components of an enterprise network.
  • Perform cyber risk assessments against City cybersecurity requirements.
  • Conduct Vendor Risk Assessments to assess security posture of vendors.
  • Support the cyber awareness training and education program, including phishing simulations.
  • Track and monitor risk mitigation plans.
  • Develop routine reports in accordance with GRC metrics
  • Coordinate with technology and business groups to assess, implement, and monitor IT-related security risks/hazards
  • Conduct technical research to aid in threat assessment or risk mitigation activities
  • Perform assessments of adherence to standards
  • Perform review of policies and supporting procedures/processes.
  • Stay on top of changes in the industry as it relates to security.
Posted 3 months ago
🔥 GRC Analyst
Posted 3 months ago

📍 United States

🧭 Full-Time

💸 70000.0 - 90000.0 USD per year

🔍 Media and Entertainment

  • 3+ years experience in Information Security
  • Bachelor's degree in Computer Science or related field
  • Technical Cyber Security Certification
  • Understanding of security, risk and privacy regulatory frameworks
  • Manage supplier security risk assessments from initiation to completion
  • Generate risk assessment reports
  • Communicate remediation importance
  • Support monitoring of remediation efforts

Cybersecurity, Risk Management

📍 Portugal

🧭 Full-Time

🔍 Healthcare technology

  • Self-starter with minimal supervision.
  • 5+ years of hands-on experience in Information Security certifications.
  • Proven success in leading SOC 2, ISO 27001, PCI-DSS, and HITRUST frameworks.
  • Experience in Vendor Risk Management Programs and third-party audits.
  • Demonstrated experience in audits and compliance in healthcare and AI.
  • Excellent communication and leadership skills.
  • In-depth knowledge of relevant laws and regulations in healthcare.
  • Strong analytical and problem-solving skills.
  • Leading the implementation and maintenance of compliance frameworks such as SOC 2, ISO 27001, HITRUST, and PCI-DSS.
  • Working closely with the Director of Risk and Compliance to improve GRC programs.
  • Taking ownership of compliance certifications and audits.
  • Mentoring junior team members and fostering a culture of learning.
  • Conducting risk assessments and managing third-party vendor risks.
  • Spearheading audits and ensuring compliance preparation and follow-up.
  • Enhancing processes for security assessments and compliance training.

Leadership, Communication Skills, Analytical Skills, Collaboration, Compliance

Posted 4 months ago
🔥 GRC Analyst - Colombia
Posted 5 months ago

📍 Colombia

🏢 Company: Partner One Capital 👥 501-1000 · Financial Services, Software

  • 3+ years of experience in a GRC role or similar capacity.
  • Proven experience in executing and managing internal and external ISO audits.
  • Strong skills in writing high-quality documentation, audit reports, and compliance summaries.
  • Agile and adaptable to changing business and regulatory priorities.
  • Experience with global, collaborative, and virtual team environments.
  • Proficient in IT governance, security frameworks, and audit methodologies like ISO and GDPR.
  • Excellent written and verbal communication skills in English.
  • Previous experience with NIST CSF / NIST 800-53b.
  • Preferred: Certified Internal Auditor (ISO 27001, ISO 27701, or equivalent).
  • Desirable: Experience with FedRAMP, familiarity with quality management systems like ISO 9001.
  • Develop, implement, and maintain the Information Security Management System (ISMS) for GRC coverage across the organization.
  • Ensure conformance to security standards like ISO 27001 and ISO 27701 for IT systems.
  • Support risk management activities and prepare for audits, including business continuity exercises.
  • Develop and enforce information security policies and procedures.
  • Lead internal audits and support external assessments against various security standards.
  • Manage vendor security and data privacy questionnaires, coordinating responses.
  • Collaborate with the Service Delivery Team on information security and security awareness.

Agile, Communication Skills, Analytical Skills, Collaboration
