Sr. GRC Analyst

Compliance Program Management & Audit Leadership:

• Act as the primary point of contact for external auditors.
• Develop and maintain a comprehensive data inventory and data flow diagrams.
• Track and report on GRC program health across compliance posture.

Access Governance & Identity Management:

• Orchestrate and lead the quarterly and semi-annual user access review process.
• Monitor and validate that provisioning and deprovisioning processes are executed accurately.

Security Awareness & Phishing Program:

• Execute and maintain a comprehensive Security Awareness Training program.
• Execute monthly or quarterly phishing simulations; analyze fail rates.
• Present program health metrics to the Leadership team.

Risk and Vendor Management:

• Execute the TPRM program—conducting vendor security reviews.
• Maintain and update the corporate risk register.
• Track remediation efforts are tracked, validated, and communicated to leadership.