Senior GRC Analyst

New
While we prefer candidates based in Atlanta, we are open to qualified applicants from anywhere in the U.S. and are willing to consider remote candidates.Full-TimeSenior
Salary$110,000 to $120,000
Apply NowOpens the employer's application page

Job Details

Experience
5+ years
Required Skills
Project Management

Requirements

  • 5+ years of experience in Governance, Risk, and Compliance (GRC), Information Security, IT Audit, or related fields.
  • Experience independently managing audits, compliance initiatives, or governance programs with limited supervision.
  • Proficiency with security and compliance frameworks such as SOC 2, ISO 27001, SOX 404, PCI-DSS, NIST, GDPR, or CIS.
  • Hands-on experience conducting Third-Party Risk Management (TPRM) assessments throughout the vendor lifecycle.
  • Experience maintaining or developing security policies, standards, and procedures.
  • Experience identifying, documenting, and communicating security and compliance risks to technical and non-technical stakeholders.
  • Experience working with GRC platforms to manage compliance activities, risk registers, and workflow automation.
  • Experience interpreting and mapping security and compliance controls to operational processes.
  • Familiarity with the impact of GRC on the Secure Software Development Life Cycle (SSDLC) and IT operations.
  • Experience supporting privacy and data protection compliance initiatives such as CCPA.
  • Strong written and verbal communication skills with the ability to collaborate across teams.
  • Strong project management experience.

Responsibilities

  • Own the ongoing review and maintenance of organizational security policies, standards, and procedures.
  • Serve as a primary cross-functional coordinator to design and maintain a unified, strategic governance roadmap.
  • Lead security risk assessments for new and renewing third-party vendors as part of the procurement lifecycle.
  • Coordinate and support the organization's annual security audits and certifications such as SOC 2, PCI, and CIS.
  • Assist with the administration and continuous improvement of the company’s security awareness and training program.
  • Partner with Legal and Regulatory teams to interpret new and changing compliance requirements.
  • Proactively identify and drive improvements to the efficiency, consistency, and scalability of GRC processes.
  • Maintain and evolve risk and issues registries, tracking exceptions and risk owners.
View Full Description & ApplyYou'll be redirected to the employer's site
$110,000 to $120,000
Apply Now