Information Security Analyst (GRC)
About The Position
LVT is actively seeking a highly motivated and detail-oriented Information Security Analyst (GRC) to join our growing Information Security team. This role will report directly to the Information Security Manager (GRC). This position is designed for an individual eager to delve deeply into the operational aspects of Governance, Risk, and Compliance, directly supporting LVT’s steadfast commitment to security excellence and regulatory adherence as the business continues its innovative scaling. LVT values managing risk in alignment with our customer’s and stakeholder’s expected levels. We design, implement, and monitor controls that reduce real risk. The Information Security Analyst (GRC) will work with Management to operate key GRC processes. The primary focus of this hands-on position will be answering customer security questionnaires, performing risk assessments and internal audits, developing and maintaining policies, being a liaison for our external auditors, and helping to identify, manage, and reduce risk across our environment.
Requirements
- 1-3 years of experience with Information Security, GRC or IT Audit roles.
- Highly organized and can multitask and juggle multiple priorities.
- Familiarity with leveraging and applying AI tools and technologies to automate routine GRC tasks and improve program efficiency.
- Practical experience with SOC 2 audit processes including proficiency in control testing, evidence collection, and internal coordination.
- Familiarity with information security and risk frameworks.
- A foundational understanding of business operations and how security controls impact business functions.
- Effective verbal and written communicator.
- Desire to work directly with key stakeholders, including customers.
- Hunger to learn and grow their abilities.
- Consistently demonstrates high integrity and transparency.
- Willing to take on tasks with a positive attitude, but also speaks up on concerns.
Nice To Haves
- A Bachelor's degree in Information Security, Computer Science, Information Technology, Business, or a related field, or equivalent practical experience, is preferred.
- Experience working with GRC platforms (e.g., Drata, Vanta, ZenGRC) and project management tools (e.g., Jira, Asana) is helpful.
- Relevant professional certifications such as CompTIA Security+, CISA, CC, or CRISC are a plus
Responsibilities
- Support LVT’s annual SOC 2 audit.
- Facilitate effective communication and coordination with internal SOC 2 control owners.
- Proactively assist in identifying, analyzing, and resolving audit concerns or control deficiencies, proposing initial remediation steps.
- Document audit outcomes, lessons learned, and recommended improvements post-audit.
- Execute control testing, including evidence collection and documentation.
- Develop LVT’s security policies, submitting them for approval, and ensuring alignment with organizational standards.
- Maintain and update the risk register to ensure accurate and timely recording of identified risks and their mitigation status.
- Maintain GRC documentation to ensure accuracy, accessibility, compliance with internal controls
- Execute quarterly user access reviews.
Benefits
- We invest in our crew’s health, families, and financial futures with a benefits package designed to support you inside and outside the office.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
Associate degree
Number of Employees
11-50 employees
