Senior GRC Analyst

Job Summary

A company is looking for a Senior Governance, Risk, and Compliance (GRC) Analyst.

Key Responsibilities

• Lead the end-to-end PCI DSS Level-1 Service Provider assessment process and manage relationships with QSAs and auditors
• Oversee evidence gathering and support compliance assessments, including SOX ITGC audits and vendor risk management
• Develop and maintain compliance-related policies and track compliance metrics for management reporting

Required Qualifications

• Bachelor's degree in Information Security, Information Technology, Risk Management, Cyber Security, or a related field
• 5+ years of experience in GRC, IT compliance, or information security with significant PCI DSS and SOX ITGC experience
• Proven history of leading PCI DSS Level-1 Service Provider assessments
• Strong understanding of PCI DSS requirements and general IT audit frameworks
• Preferred certifications include PCI QSA, PCI ISA, CISA, CISSP, or CRISC