Senior GRC Analyst
New
While we prefer candidates based in Atlanta, we are open to qualified applicants from anywhere in the U.S. and are willing to consider remote candidates.Full-TimeSenior
Salary$110,000 to $120,000
Apply NowOpens the employer's application page
Job Details
- Experience
- 5+ years
- Required Skills
- Project Management
Requirements
- 5+ years of experience in Governance, Risk, and Compliance (GRC), Information Security, IT Audit, or related fields.
- Experience independently managing audits, compliance initiatives, or governance programs with limited supervision.
- Proficiency with security and compliance frameworks such as SOC 2, ISO 27001, SOX 404, PCI-DSS, NIST, GDPR, or CIS.
- Hands-on experience conducting Third-Party Risk Management (TPRM) assessments throughout the vendor lifecycle.
- Experience maintaining or developing security policies, standards, and procedures.
- Experience identifying, documenting, and communicating security and compliance risks to technical and non-technical stakeholders.
- Experience working with GRC platforms to manage compliance activities, risk registers, and workflow automation.
- Experience interpreting and mapping security and compliance controls to operational processes.
- Familiarity with the impact of GRC on the Secure Software Development Life Cycle (SSDLC) and IT operations.
- Experience supporting privacy and data protection compliance initiatives such as CCPA.
- Strong written and verbal communication skills with the ability to collaborate across teams.
- Strong project management experience.
Responsibilities
- Own the ongoing review and maintenance of organizational security policies, standards, and procedures.
- Serve as a primary cross-functional coordinator to design and maintain a unified, strategic governance roadmap.
- Lead security risk assessments for new and renewing third-party vendors as part of the procurement lifecycle.
- Coordinate and support the organization's annual security audits and certifications such as SOC 2, PCI, and CIS.
- Assist with the administration and continuous improvement of the company’s security awareness and training program.
- Partner with Legal and Regulatory teams to interpret new and changing compliance requirements.
- Proactively identify and drive improvements to the efficiency, consistency, and scalability of GRC processes.
- Maintain and evolve risk and issues registries, tracking exceptions and risk owners.
View Full Description & ApplyYou'll be redirected to the employer's site