Location : Remote
Reports to : GRC Manager
Time commitment : minimum 20 hours weekly
Headcount : 1 person
Summary :
We are looking for a highly motivated and detail-oriented Governance, Risk, and Compliance (GRC) Analyst with a strong background in technical incident response. The ideal candidate will help build and mature our security programs, focusing specifically on our event technology infrastructure, while also playing a key role in responding to and mitigating technical security incidents.
Job Descriptions :
- Perform security risk assessments, including third-party and vendor risk management, to identify vulnerabilities and mitigate threats related to events, data handling, and technology infrastructure.
- Conduct risk modeling and incident response exercises specific to live events, such as mitigating risks from public Wi-Fi, phishing during registration, and protecting sensitive user and client data.
- Serve as an escalation point for the Security team, leading the end-to-end incident response process from detection and analysis to containment, eradication, and recovery.
- Assist in translating technical security requirements into effective, actionable security policies, standards, and procedures.
- Develop and report on key security metrics, including those related to incident response performance (e.g., detection time, resolution time), for management and governance committees.
Candidate Qualifications :
- A bachelor’s degree in a technical field like Computer Science, Cybersecurity, or Information Technology is typically required.
- Strong foundational knowledge of IT and cybersecurity principles, including security controls, networking concepts, and operating systems.
- Skills in digital and network forensics for investigating data breaches and analyzing malware.
- In-depth knowledge of major security frameworks (NIST, ISO) is critical.