GRC Senior Analyst

About The Position

Requirements

• Bachelor’s or master’s degree in Computer Science, Information Technology, Management Information Systems, or Cybersecurity, or equivalent practical experience.
• Strong understanding of the governance, risk, and compliance domain and why it matters for organizational security and privacy.
• Familiarity with compliance automation tools (e.g., Anecdotes, Vanta).
• Familiarity with cloud technologies (e.g., AWS, Wiz) and their relationship to risk and compliance.
• Ability to communicate complex ideas clearly to stakeholders.
• A collaborative mindset—you enjoy working cross-functionally to accomplish shared goals and care about learning, growing, and helping others do the same.
• You don’t need to be an AI expert, but you’re curious and willing to adopt AI tools to work smarter and deliver better results.

Nice To Haves

• Experience (typically 4-5+ years) in the GRC, risk, compliance, or audit domain.
• Working knowledge of Notion and how AI agents can be used to enhance GRC programs.

Responsibilities

• Coordinate evidence collection, manage timelines with internal partners, support external auditors for compliance frameworks such as SOX ITGCs, SOC 2 Type II, ISO, HIPAA, and BSI C5.
• Help improve and maintain information security policies, controls, procedures, and standards, for processes, applications, and infrastructure.
• Use and help build custom AI agents and automation to scale and mature our Security GRC programs. For example, automate evidence collection, control monitoring workflows, and reporting.
• Contribute to the development of dashboards and metrics for compliance and audit reporting.
• Implement and expand our continuous control monitoring efforts using our compliance automation tool.
• Identify gaps in our security controls and work with teams across the organization to strengthen them.