Senior GRC Analyst
Benepass | Fintech
This remote role is based in the United States or Canada.
Full-Time | Senior
Salary: 130,000 - 160,000 USD per year
Job Details
- Experience: 5+ years
- Required Skills: Risk Management
Requirements
- 5+ years of experience in GRC, information security compliance, IT audit, or risk management.
- Hands-on experience supporting SOC 2 audits and readiness activities.
- Working knowledge of ISO 27001/27002, HITRUST, NIST CSF, or similar frameworks.
- Experience maintaining security policies, controls, and audit documentation.
- Experience supporting internal or external audits and evidence collection.
- Strong written communication skills for policies, questionnaires, and stakeholder updates.
- Experience responding to customer security questionnaires, RFP security sections, or due diligence requests.
- Familiarity with GRC, compliance automation, or audit management tools.
- Experience in SaaS, fintech, benefits, healthcare, or other regulated environments.
- Ability to work in a startup or fast-moving environment.
Responsibilities
- Maintain and improve information security policies, standards, procedures, and control documentation.
- Map policies and controls to frameworks such as SOC 2, ISO 27001/27002, HITRUST, and NIST CSF 2.0.
- Support SOC 2, ISO 27001, and HITRUST audit preparation and evidence collection.
- Track audit findings, control gaps, and remediation plans.
- Support risk assessments and maintain the risk register.
- Own or support customer security questionnaires and RFP security sections.
- Support vendor security reviews and third-party risk assessments.
- Use GRC platforms to improve evidence collection and control monitoring.