Senior GRC Analyst

Job Summary

A company is looking for a Senior GRC Analyst to lead certification and assurance programs while managing enterprise risk and compliance.

Key Responsibilities

• Lead audits and certifications for ISO 27001, ISO 27701, ISO 42001, and SOC 2
• Manage enterprise risk programs, including risk assessments and remediation processes
• Oversee access governance and vendor risk management, ensuring compliance and security

Required Qualifications

• 5-7+ years of experience in GRC, audit, or risk management
• At least 3+ years of experience leading ISO 27001 certification and SOC 2 audits
• Proven ownership of SOC 2 programs in cloud environments
• Familiarity with privacy and data governance regulations (GDPR/CPRA)
• Experience with GRC tooling, automation, and basic scripting for evidence collection