Senior GRC Analyst

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Systems, Business Administration, or equivalent experience.
• 5–7 years in security, audit, compliance, or risk roles, with experience supporting or running audits.
• Familiarity with SOC 2, HIPAA, NIST preferred.
• Excellent organizational and communication skills
• Ability to prioritize, self-direct, and execute with minimal supervision
• Strong process orientation and documentation habits
• Familiarity with regulatory frameworks and risk-based thinking
• Comfortable navigating between high-level strategy and detailed execution
• Interest in scaling a team and evolving into a GRC leadership role

Responsibilities

• Draft, maintain, and evolve information security policies, standards, and procedures aligned with regulatory frameworks.
• Collaborate with technical and business teams to ensure policies are practical, up to date, and effectively implemented.
• Prepare documentation and responses for external audits and regulatory reviews (SOC 2, HIPAA, NAIC, etc.).
• Maintain and update the enterprise risk register; coordinate quarterly reviews with domain owners.
• Map and test controls for effectiveness across security, privacy, and operational domains.
• Track accepted risks and mitigation plans; document and report on progress.
• Coordinate evidence collection and maintain audit readiness throughout the year.
• Assist with internal and third-party risk assessments.
• Support tabletop exercises and business continuity documentation.
• Build repeatable workflows for compliance, policy, and risk processes, starting from manual tools and scaling toward automation.
• Define and track KPIs for audit readiness, risk mitigation, and GRC effectiveness.
• Identify and implement opportunities for continuous improvement in collaboration with other teams.
• Document procedures to enable future team scaling.
• Demonstrate ownership, initiative, and quality execution in all areas of GRC.
• Position yourself to grow into a leadership role as the GRC function expands.

Benefits

• Competitive Salary & Target Bonus Program
• Retirement Savings – 401(k) with a company match
• Comprehensive Medical insurance through BlueCross BlueShield of Texas. Company-paid dental, vision, short-term & long-term disability, and life insurance.
• Work-Life Balance – This role offers 25 days of PTO, 10 paid holidays, and paid volunteer time off.
• Flexible Work Options & Perks – Hybrid opportunity, wellness programs, and weekly paid lunch for onsite staff.
• Health Savings Accounts (HSA) & Flexible Spending Accounts (FSAs) – Includes a company match for HSAs.