Greenlight Guru · 18 hours ago

GRC Analyst

Atlanta Metro

Full-time

Remote

Mid, Senior Level

$100K/yr - $120K/yr

5+ years exp

Maximize your interview chances

Enterprise SoftwareMedical Device

Insider Connection @Greenlight Guru

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Drive security assessments, audits, monitor and manage compliance of implemented quality and security controls to prepare and maintain requirements for ISO 9001, ISO 27001, SOC 2, and other frameworks

Provide oversight, for the development and maintenance of quality systems, programs, processes, and procedures that include

Creation and documentation of quality assurance activities

Support and develop systems for the identification, analysis, correction, and prevention of quality issues

Maintain system integrity by reviewing procedures for adherence to customer compliance, efficiency and industry best practices

Respond to customer security inquiries. Serve as a company representative with prospects, customers, and partners by assisting with completing security questionnaires, assessments, and audits

Evaluate and manage third-party risk and work with vendors to remediate identified risks

Manage periodic internal risk assessments based on changes to business, technology or threat landscape

Ensure that company policies are up to date, recorded, tracked, and disseminated to the entire company to minimize any quality, security and/or compliance issues

Coordinate periodic disaster recovery/business continuity/incident response testing and training

Develop, maintain, and report against security control KPIs

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

GRCAudit ManagementRisk ManagementISO 9001ISO 27001SOC 2GDPRAWSAzureSecurity Risk DocumentationVendor QuestionnairesProject Management

Required

Bachelor’s degree and 5+ years’ experience in the GRC, audit, risk management or similar field.

Experience managing quality and security assessments (ISO 9001, SOC2, ISO27001, GDPR) as an external or internal assessor.

Previous experience in a cloud environment, preferably AWS and/or Azure.

Experience leading internal and/or external audits, working as the liaison between auditors and the business.

Oral and Written Communication - Speaks and writes clearly and persuasively in positive or negative situations; listens and gets clarification; Responds well to questions; Demonstrates group presentation skills; Participates in meetings.

Experience with documenting and tracking security risks.

Proven ability to interview, gather, and understand content from subject-matter experts.

Strong organizational and problem-solving skills are required.

Strong project and time management skills are required.

Ability to work independently and as a team member is required.