About The Position
The GRC Analyst will be responsible for leading the day-to-day compliance, data governance, and risk management functions. This person should be able to understand and facilitate multi-faceted risk frameworks, assisting our business partners with making balanced decisions between risk exposure, growth, and innovation. This person should also be able to support mechanisms to proactively identify, mitigate, and monitor risks by working with many cross-functional teams within the LTG SaaS Companies.
Requirements
- Knowledge of industry security and privacy standards (including ISO 27001 and 27701, SOC 2, and GDPR) demonstrated by experience with customer and 3rd party audits.
- Baseline knowledge of risk management processes, in both a compliance and security context.
- Previous experience with internal and external audits.
- Familiarity with ISMS and security frameworks.
- Ability to make practical interpretations of regulatory and compliance requirements
- Ability to proactively identify opportunities for continuous improvement
- Strong aptitude for learning highly technical subject matter
- Strong written and verbal communications skills, and the ability to work effectively with colleagues at all levels of the organization
Responsibilities
- Assist with external audits for SOC 2, ISO 27001 and 27701
- Assess and track compliance with regulatory and legal requirements relevant to the business including, GDPR, CCPA, and contractual commitments
- Assess, track and ensure fulfillment of legal, regulatory, and client driven requirements relating to environmental and social responsibility compliance
- Monitor information security training and awareness across the organization
- Perform continuous monitoring, remediation, reporting escalation and resolution of security and compliance issues with appropriate leadership
- Communicate with Legal to ensure that the company meets data privacy and security requirements.
- Conduct internal security audits, risk assessments and business impact assessments.
- Work with business leaders to ensure information security risk findings are reviewed and solutions are implemented.
- Perform periodic gap assessments to validate compliance on an ongoing basis.
- Assess the security qualifications of current and potential vendors.
- Liaise with relevant parties to commission activities related to contingency planning, business continuity management, and IT disaster recovery.
- Complete security and privacy-related documentation and questionnaires to support RFPs’ and customer-driven vendor risk assessments.
- Leading initiatives to fulfill Company’s Environmental, Social, and Governance commitments
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
