Security Analyst, Governance, Risk, and Compliance

We're seeking a detail-oriented Security Analyst specializing in Governance, Risk, and Compliance (GRC) with a strong focus on Risk Management. The ideal candidate will be responsible for identifying, assessing, and mitigating risks to ensure the security and compliance of our organization's information systems.

Requirements

• 5+ years of proven experience in a GRC or Risk Management role, in both on-prem and cloud environments in a Technology Company
• Knowledge of Security Best Practices (e.g., least privileged, zero trust model)
• Hands on working knowledge with GRC tools (e.g., ServiceNow, ZenGRC)
• Cybersecurity certifications (e.g., CISSP, CISM, CISA) are a plus
• Strong knowledge of risk management frameworks (e.g., NIST, ISO 31000) and compliance standards (e.g., ISO27001, SOC-2).
• Basic to intermediate understanding of secure software development practices
• Expertise with risk identification in solution architecture and design
• Strong working knowledge of building risk reports for senior management
• Analytical Thinking: Skill in analyzing problems, identifying root causes, and providing solutions
• Project Management: Experience managing project timelines, resources, and stakeholders
• Collaboration: Ability to work well with cross-functional teams, including Engineering, IT operations, Security, and Compliance teams

Benefits

• Flexible time off
• Wellness resources
• Company-sponsored team events