Senior GRC Analyst, Hybrid TX

About The Position

Requirements

• Must reside within a reasonable commuting distance of the Fort Worth office.
• Bachelor’s degree in Information Systems, Information Security, Risk Management, Cybersecurity, or a related discipline; equivalent practical experience may be considered.
• 4–7 years of progressively responsible experience in information security, governance, risk and compliance (GRC), risk management, compliance, audit, or related IT security functions.
• Proven experience supporting security, IT, or compliance audits (e.g., SOC, ISO, internal audit, regulatory examinations), including audit readiness, evidence collection, and remediation tracking.
• Experience assessing information security risks, evaluating control effectiveness, and identifying compliance gaps.
• Working knowledge of common security frameworks and regulatory standards such as NIST, ISO 27001, SOC, NYDFS Part 500, PCI-DSS, or similar frameworks.
• Strong analytical, problem-solving, and organizational skills with the ability to manage multiple priorities independently.
• Ability to communicate technical security concepts clearly to non-technical stakeholders and business leaders.
• Excellent written and verbal communication skills, including clear and concise documentation.
• Ability to work independently in a fast-paced environment with strong attention to detail.
• Sound professional judgment and discretion when handling sensitive or confidential information.
• Collaborative mindset with the ability to influence cross-functional stakeholders without direct authority.
• Legally authorized to work in the United States without current or future employer sponsorship.

Nice To Haves

• Professional certifications such as CISA, CRISC, CISSP, or ISO 27001 are preferred, but not required.

Responsibilities

• Independently assess, analyze, and document information security risks across systems, applications, and technology‑enabled processes using a risk‑based approach.
• Support and maintain the information security governance framework, including policies, standards, procedures, and control documentation.
• Assess the design and operating effectiveness of security controls and provide risk‑based recommendations to Information Security leadership.
• Monitor and report on adherence to internal security policies and applicable regulatory and contractual requirements.
• Identify, track, and report control deficiencies and policy violations; partner with stakeholders to drive corrective actions.
• Support internal and external audits, regulatory examinations, and customer assurance activities, including evidence coordination, audit responses, and remediation tracking.
• Provide governance and coordination support for SOC 2 Type 2 assurance activities, including control readiness, internal testing, and auditor engagement.
• Develop and maintain a centralized security knowledge base to streamline customer, partner, and due‑diligence responses.
• Execute security awareness and training activities, including platform administration and phishing simulations.
• Partner with IT, Legal, and business stakeholders to ensure security requirements are understood and incorporated into relevant processes.
• Support the development and implementation of the IT vendor risk management program, including third‑party risk assessments and vendor risk tracking.
• Contribute to continuous improvement of GRC processes, tooling, and reporting.
• Perform other duties consistent with the scope of the role.

Benefits

• The information collected is solely used to determine suitability for employment, verify identity and maintain employment statistics on applicants.
• Applicants with disabilities may be entitled to reasonable accommodation throughout the recruitment process in accordance with applicable human rights and accessibility legislation.
• A reasonable accommodation is an adjustment to processes, procedures, methods of conveying information and/or the physical environment, which may include the provision of additional support, in order to remove barriers a candidate may face during recruitment such that each candidate has an equal employment opportunity.
• The Company will accommodate a candidate to the point of undue hardship.
• Please inform the Company's personnel representative if you require any accommodation in the application process.