Governance, Risk, and Compliance Audit Analyst

The GRC Analyst, professional level 2, of the Security Operations and Compliance subfamily of the IS and Compliance job family, is responsible for the organization's information security, compliance, and risk management programs to safeguard internal company data and the data of our clients. The GRC Analyst will conduct risk assessments for systems, products, and vendors to ensure compliance with government agencies and customer requirements. The professional level 2 role will Answer client and vendor questions regarding the company's compliance with information security standards. The role will build and lead the day-to-day security and privacy compliance, governance, and risk management functions at a fast-growing SaaS startup. The GRC Analyst will lead auditors through evidence collection and observations. Expected to lead the response to customer security questionnaires, RFPs, and inquiries about our Security & Compliance program.