Information Security GRC Analyst

Job Summary

A company is looking for an Information Security/Cyber GRC Analyst.

Key Responsibilities:

• Support and contribute to InfoSec GRC programs including risk management and compliance management
• Collaborate with departments on RFPs and security questionnaires
• Conduct risk analyses and assist with SOC2 and HITRUST audit engagements

Qualifications:

• Minimum of 2 years of experience in IT security, risk management, compliance, or audit
• Bachelor's degree in Computer Science, Information Technology, or related field preferred
• Experience with compliance and security frameworks such as SOX, PCI, and NIST
• Relevant security certifications preferred, such as CISA, CISSP, or CompTIA Security+
• General knowledge of security tools and cloud services principles