Lead Information Risk Analyst

The Security Compliance Lead Information Risk Analyst is a senior individual contributor role with enterprise-wide responsibility for security governance, compliance execution, audit readiness, and GRC platform leadership. The role operates independently, leads complex cross functional initiatives, and serves as a subject matter authority, without formal people management responsibilities. This role leads within multiple enterprise compliance domains simultaneously (policy governance, control frameworks, audits, GRC platforms) and leads cross-functional initiatives impacting Information Security, Privacy, IT, Audit, and Governance. The work has enterprise-wide risk and regulatory impact, including audit readiness and certification outcomes. This role is accountable for end-to-end delivery of complex compliance efforts, not just task execution. The Lead Information Risk Analyst independently analyzes and interprets regulatory requirements and control frameworks to inform risk and compliance considerations. They provide expert input on compliance approaches, control alignment options, and documentation practices, influencing program direction and outcomes. This role acts as a subject-matter escalation point for complex compliance, risk, and audit issues, advising stakeholders on risks and trade-offs. They deliver well-reasoned recommendations that guide governance discussions and support executive decision-making. As a non-people manager, this role provides functional leadership to analysts and contributors through guidance, peer review, and quality oversight. They drive governance forums, SME reviews, and steering committee execution. This role influences senior stakeholders through expertise rather than positional authority and mentors others informally but does not conduct performance management. The Lead Information Risk Analyst handles ill-defined, ambiguous problems where standards or controls do not yet exist. They interpret new frameworks (e.g., ARC, AMPE) and translate them into actionable enterprise controls. They balance competing regulatory, technical, and operational constraints and manage sustained workload over standard capacity with frequent context switching. There is regular interaction with senior leaders, auditors, and governance bodies. This role acts as a trusted advisor on compliance posture and risk interpretation and represents the compliance function in cross-program initiatives and audits. Performs other duties as assigned and complies with all policies and standards.