Senior GRC Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

NaphCare, Inc. · 5 hours ago

Senior GRC Analyst

positionBirmingham, AL
timeFull-time
remoteOnsite
senioritySenior Level
date5+ years exp

NaphCare is searching for an experienced Senior GRC Analyst to join our team on-site at our Corporate Headquarters in Birmingham, AL. The GRC Analyst will collaborate with process owners, internal auditors, external auditors, and other stakeholders to assist in reviewing, monitoring, and resolving findings, while managing SOC 2 Compliance programs.

Hospital & Health Care
check
H1B Sponsor Likelynote

Responsibilities

Manage risk and vulnerability assessments, validation testing, compliance reviews, and audits in accordance with NIST standards
Manage and support SOC 2
Promote widespread implementation of ISO standards
Maintain and monitor a central repository for audit evidence
Inform the proper stakeholders of important concerns and hazards
Work together with other stakeholders to link our corporate IT, procurement, and privacy departments with GRC objectives
Maintain up-to-date knowledge of procedures and methods that serve to broaden team knowledge and industry expertise
Manage security standards, policies, and practices on an annual basis to make sure they meet corporate demands
Assist the department in responding to inquiries from the business units about ongoing operational compliance
Be proactive in seeking out areas for improvement and offer insightful advice and value-added guidance on process and control enhancements
Share information with managers to avoid surprises, draw attention to problems, and guarantee delivery on time

Qualification

SOC 2 auditsRisk managementCompliance reviewsNIST standardsGRC toolsAnalytical skillsIdentity managementCloud disaster recoverySecurity+Effective communicationProblem-solving

Required

Degree in information cybersecurity, risk management, governance, or a related field
5+ years of direct experience in information security, with a main emphasis on risk and compliance
3+ years of expertise conducting SOC 2 audits, as well as handling audit responses
Thorough understanding of market structures, including relevant regulatory compliance requirements (SOC 2, NIST, FedRamp, CMMC, GDPR, etc.)
Knowledge of identity management standards, storage, and disaster recovery in the cloud
Knowledge of GRC tool techniques and best practices (ServiceNow, Drata, or Vanta)
Proven track record of organizing and carrying out several risk and compliance projects
Ability to successfully manage third-party audits, compile evidence, and organize audit responses
Effective written and verbal communication skills and the capability to communicate with cross-functional teams
Proven analytical and problem-solving abilities for managing initiatives that advance corporate goals

Preferred

Security+

Company

NaphCare, Inc.

twitter
company-logo
At NaphCare, we believe in innovating to improve lives.
dateFounded in 1989
location
Birmingham, AL, US
people-size1001-5000 employees
web-link
http://www.naphcare.com

H1B Sponsorship

NaphCare, Inc. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (2)
2024 (2)
2020 (1)

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Jason Douglas
Chief Technology Officer
linkedin
leader-logo
Connie Young
CFO
linkedin
Company data provided by crunchbase