Risk and Compliance Analyst

About The Position

Requirements

• Bachelor's Degree or High School Diploma/GED with an equivalent level of experience.
• A minimum of 2 years of experience in information security, risk management, audit, or a related field.
• Proven analytical and problem-solving skills, with a strong ability to influence others and communicate complex technical topics to diverse audiences.
• Qualified candidates must be legally authorized to be employed in the United States or the United Kingdom.

Nice To Haves

• Professional certifications such as CISA, CRISC, CISSP, or similar.
• Experience working in a global, matrixed organization and building cross-functional relationships.
• Demonstrated strong learning agility and business acumen, with an understanding of solution lifecycle management.
• Experience with Governance, Risk, and Compliance (GRC) tools.
• Knowledge of common information security frameworks such as NIST (CSF, RMF) or ISO 27001.

Responsibilities

• Develop and govern the information security risk and compliance lifecycle, including the creation and maintenance of security policies and standards to guide the organization.
• Support the execution and continuous improvement of the Information Security Third-Party Risk Management (TPRM) program.
• Partner with IT, Operational Technology (OT), and DevSecOps teams to consult on complex security issues and build, maintain, and operate governance processes.
• Discover and maintain risks and issues in the security register, supporting strategic projects and reporting to Enterprise Risk Management.
• Provide effective communication and guidance to technical and non-technical audiences, fostering a culture of teamwork and continual learning.

Benefits

• Multiple relocation packages
• Two weeklong shutdowns (mid-summer and year-end) in the US (in addition to PTO)
• 8-week parental leave
• 9 Employee Resource Groups
• Annual bonus offering
• Flexible work arrangements
• Up to 6% 401K matching