We are looking for a GRC Analyst to support our organization's GRC program, including third-party risk management. The ideal candidate will have a strong understanding of risk processes and excellent communication and interpersonal skills. The role will involve working closely with cross-functional stakeholders and building a rapport to influence risk management outcomes.
Requirements
- Bachelor's degree in information systems, engineering, business, risk management, or a related field
- 5+ years of security/GRC experience, including substantial experience with vendor security risk management and performing vendor security reviews/audits.
- Proven experience in managing and improving vendor security risk programs
- Direct experience, knowledge and understanding of major security frameworks, regulations, and standards such as SOC 2 and ISO 27001.
- Experience working effectively with diverse teams to influence security and compliance outcomes