Auris | formerly Heartland · 1 day ago
GRC Analyst
Auris is a payroll and HR partner focused on small and medium-sized businesses. The GRC Analyst will be responsible for building, monitoring, and improving frameworks to ensure organizational compliance and risk management, collaborating across various teams to enhance security practices and facilitate audits.
Financial Services
Responsibilities
Maintain and evolve the Information Security Governance Framework aligned with NIST, ISO 27001, SOC 2, PCI-DSS, and SOX
Map controls across frameworks to identify overlaps, gaps, and automation opportunities
Draft and update policies, standards, and procedures
Monitor control effectiveness through dashboards and continuous checks
Identify, assess, and report technology and cybersecurity risks
Facilitate risk assessments for products, vendors, and projects; track mitigation plans
Maintain risk register with likelihood, impact, and residual risk metrics
Produce risk reports and heatmaps for leadership
Lead or support audits (SOC, NYDFS, Texas DOB); coordinate evidence and interviews
Maintain audit calendar and ensure timely control testing
Track remediation of findings and report status
Manage vendor security reviews: questionnaires, evidence validation, risk scoring
Oversee security due diligence for acquisitions and critical partners
Maintain vendor risk register and report exposure
Publish dashboards on control health, risk posture, and compliance
Communicate risk and compliance expectations clearly to stakeholders
Support security awareness and training campaigns
Benefits
Comprehensive medical insurance
Dental insurance
Vision insurance
Life and disability insurance
Fertility benefits
Wellness resources
Paid sick time
Generous paid time off and holidays
Employee Assistance Program (EAP)
Complimentary Calm app subscription
Immediate vesting in a 401(k) plan
Health Savings Account (HSA)
Flexible Spending Account (FSA) options
Commuter benefits
Employee discount programs
Paid maternity leave
Paid paternity leave (including for adoptive parents)
Legal plan options
Pet insurance coverage
Company
Auris | formerly Heartland
Auris™ is the payroll and HR partner built for small and medium-sized businesses who can’t afford to get it wrong.
Funding
Current Stage
Late Stage
Company data provided by Crunchbase