Security GRC Analyst

A company is looking for a Security GRC Analyst.

Key Responsibilities

Lead the strategy, execution, and improvement of the compliance program, including assessments and policy documentation

Develop and maintain cybersecurity policies and procedures in alignment with industry frameworks

Manage third-party risk assessments and serve as a liaison for compliance-related inquiries

Required Qualifications

Bachelor's degree in Information Security, Risk Management, Business, or a related field

3-5+ years of experience in Information Security, GRC, Risk Management, or Compliance

Experience supporting compliance frameworks such as NIST, CMMC, and ISO 27001

Proven experience with compliance programs and internal / external audits

Familiarity with cloud platforms and regulatory obligations like GDPR and HIPAA