Sr. GRC Analyst
Subsplash
Information Security
This role is only available as a 100% remote position if you reside in one of the following states: AL, AR, AZ, CO, FL, GA, ID, IA, IN, KS, KY, MO, MI, MN, NC, NM, OK, OH, OR, SC, SD, TN, TX, UT, VA, WA, WY.
Full-Time, Senior
Salary: 95,000 - 105,000 USD per year
Job Details
- Experience: 3–5 years
- Required Skills: Artificial Intelligence, Risk Management
Requirements
- 3–5 years of experience in GRC, Information Security, or Audit.
- Deep practical knowledge of PCI DSS requirements and controls.
- Experience performing Data Mapping and maintaining RoPA.
- Experience managing phishing platforms (e.g., KnowBe4, Mimecast).
- Experience managing formal access review cycles.
- Experience administering a GRC platform (experience with Vanta is an advantage).
- Experience with SOX ITGCs (change management, logical access, SoD).
- Demonstrated experience using AI tools to improve GRC workflows.
- Ability to work effectively across IT and Engineering teams.
- Strong critical thinking and detail-oriented mindset.
Responsibilities
- Lead PCI DSS audits and support IT SOX control testing.
- Develop and maintain data inventory and data flow diagrams.
- Map and implement controls across frameworks like NIST CSF.
- Orchestrate quarterly and semi-annual user access reviews.
- Monitor provisioning and deprovisioning processes.
- Maintain a year-round Security Awareness Training program.
- Execute phishing simulations and analyze fail rates.
- Execute the Third-Party Risk Management program.
- Maintain and update the corporate risk register.
- Deploy AI tools to scale the GRC program and automate reporting.