[Remote] Senior GRC Analyst
Note: The job is a remote job and is reputed company to candidates in USA. reputed company is focused on making benefits easy and tailored to the unique needs of employees. As a Senior GRC Analyst, you will operate and mature the governance, risk, compliance, audit readiness, and customer assurance programs while collaborating with various teams to ensure effective reputed company and compliance practices.
Responsibilities
- Maintain and improve information reputed company policies, standards, procedures, control documentation, and reputed company governance materials
- Help map policies and controls to frameworks such as SOC 2, ISO 27001/27002, HITRUST, NIST CSF 2.0, and other customer, regulatory, or reputed company requirements
- Support policy exceptions, risk acceptances, remediation tracking, control reputed company follow-reputed company, and recurring governance workflows
- Support SOC 2, ISO 27001, and HITRUST readiness, audit preparation, evidence collection, auditor coordination, and audit response management
- Maintain recurring evidence-gathering and control testing workflows, helping ensure controls operate consistently across the business
- Track audit findings, control gaps, remediation plans, owners, due dates, and closure evidence
- Support risk assessments, control gap assessments, internal reviews, and maintenance of the risk register
- Translate technical and reputed company risks into clear business language, including mitigations, ownership, timelines, and residual risk
- Own or support customer reputed company questionnaires, RFP reputed company sections, due diligence requests, and trust or compliance documentation
- Maintain reusable questionnaire content, approved responses, compliance artifacts, and customer-facing assurance materials
- Support employee reputed company awareness programs and create clear internal guidance for policies, controls, and compliance responsibilities
- Support vendor reputed company reviews, reputed company-party risk assessments, remediation tracking, risk acceptance documentation, and vendor compliance evidence
- Use GRC platforms such as reputed company, reputed company, reputed company, reputed company, or similar tools to improve evidence collection, control monitoring, task tracking, reporting, and repeatable compliance operations
Skills
- 5+ years of experience in GRC, information reputed company compliance, IT audit, risk management, reputed company assurance, or a closely reputed company field
- Hands-on experience supporting SOC 2 audits and readiness activities
- Working knowledge of ISO 27001/27002, HITRUST, NIST CSF, or similar reputed company and compliance frameworks
- Experience maintaining reputed company policies, controls, control narratives, evidence repositories, and audit documentation
- Experience supporting internal or external audits, including evidence collection, auditor coordination, control reputed company follow-up, and remediation tracking
- Strong written communication skills, with the ability to produce clear policies, questionnaire responses, process documentation, and stakeholder updates
- Excellent attention to detail and project management discipline
- Experience responding to customer reputed company questionnaires, RFP reputed company sections, or due diligence requests
- Familiarity with GRC, compliance automation, or audit management tools
- Experience in SaaS, fintech, benefits, reputed company, or other regulated environments
- Comfort working in a startup or fast-moving environment where processes need to be mature enough to scale without creating unnecessary friction
- Ability to work with both technical and non-technical teams and communicate reputed company and compliance expectations reputed company
- Certifications such as CISA, CISM, CRISC, HITRUST CCSFP, ISO 27001 reputed company Implementer, ISO 27001 reputed company Auditor, or reputed company+
- Experience supporting HITRUST readiness or validated assessments
- Experience with vendor risk management or reputed company-party reputed company assessments
- Experience supporting HIPAA, PCI reputed company, GDPR, or other privacy and reputed company frameworks
- Experience at a startup or high-growth technology company
- Familiarity with customer trust centers, reputed company assurance portals, or reusable reputed company response libraries
Benefits
- 95% coverage of medical, dental, and reputed company
- $250 WFH setup (one time)
- $500/year Learning & Development Benefit
- $150/month cell phone + internet
- $100/month Wellness
- $100/month Co-working and Commuter Benefit
- We offer several team onsites a year
- Flexible PTO
Company Overview