Identify Security · 1 day ago
GRC Infosec Senior Analyst (ISO 27001)
Identify Security is a highly respected, client-facing professional services organization expanding its Governance, Risk & Compliance function. They are hiring a hands-on senior analyst to help run and mature an ISO-anchored security program, supporting client assurance, audits/certifications, and internal governance.
Cloud Security, Consulting, Cyber Security, Network Security
Responsibilities
Operate and improve the ISO 27001 ISMS (internal audits, management reviews, risk assessments, SOA updates; evidence readiness)
Lead client-requested security assessments and contract-driven security reviews (questionnaires, RFP/security responses, third-party assurance)
Support audit & recertification cycles (planning, scoping, evidence collection, control narratives, remediation tracking)
Run ongoing IAM authorization compliance oversight (RBAC/PIM, privileged/service/user accounts, recurring access certifications; restricted-access reviews as assigned)
Support post-implementation DLP compliance oversight and continuous improvement
Help define and maintain the annual security awareness/training program
Maintain clear, defensible documentation aligned to internal standards, client obligations, and applicable regulations
Qualifications
Required
5–10 years in GRC / information security / audit / risk
Hands-on experience operating an ISMS aligned to ISO 27001 (2013 and/or 2022) (SOC 2 / NIST / GDPR helpful)
Real ownership of client questionnaires, vendor/service security reviews, and audit evidence packs
Comfortable in Windows + Microsoft 365/Azure + SaaS control environments
Strong written communication — crisp, defensible answers
Preferred
Experience in high-confidentiality, contract-driven environments
ISO 27001:2022 transition experience
Security metrics/dashboards for governance reporting