Acrisure

Lead Governance, Risk, and Compliance Analyst

Acrisure, Atlanta, Georgia, United States, 30383

Overview

Lead Governance, Risk, and Compliance Analyst role at Acrisure. The ideal candidate will have between 10 and 25 years of experience in responding to client/prospect compliance questionnaires and cybersecurity assessments, performing internal risk assessments, maintaining awareness of existing and proposed cybersecurity regulations, and hands-on experience with audit, governance, risk, and compliance (GRC) frameworks. This role will work across multiple departments to ensure security solutions protect internal and third-party systems and customer data. You will drive security practices to align with compliance requirements and support secure systems and data protection across the organization.

Responsibilities

Seasoned GRC leader with deep expertise in cybersecurity frameworks, regulatory compliance, and risk management. A strategic thinker and hands-on contributor who can drive security initiatives across the enterprise. Demonstrated ability to complete Security Questionnaires, Risk Assessments, Due Diligence Questionnaires (DDQs), RFIs, and other technical ad hoc requests from clients, regulators, and partners. Strong command of GRC frameworks such as NIST CSF, ISO 27001, and COBIT. Ability to align technical and administrative controls with regulatory and audit requirements. Lead internal and external audits, including SOC 2 Type I/II readiness, SOX ITGC testing, and HIPAA security rule assessments. Coordinate evidence collection and remediation efforts.

Qualifications

In-depth experience with regulatory frameworks and standards including SOX, HIPAA, SOC 2, NYDFS Cybersecurity Regulation, GDPR, and PCI-DSS. Stay current with evolving global cybersecurity laws and compliance obligations. Ability to lead cross-functional teams, mentor junior engineers, and serve as a subject matter expert in security technologies, tools, and frameworks. Strong communication skills to engage with technical and non-technical stakeholders. 5+ years of relevant experience in security engineering and GRC-focused security solutions development. Deep understanding of security standards and frameworks such as NIST, ISO 27001, CIS Controls, and industry compliance regulations (NYDFS, GDPR, HIPAA, PCI-DSS). Proven ability to manage complex timelines and deliverables, ensuring alignment with organizational goals and regulatory requirements. Strong leadership and communication skills, with a track record of engaging stakeholders and guiding security teams toward shared objectives. Candidates should be comfortable with an on-site presence to support collaboration, team leadership, and cross-functional partnership.

Benefits and Perks

Competitive compensation
Generous vacation policy, paid holidays, and paid sick time
Medical Insurance, Dental Insurance, and Vision Insurance (employee-paid)
Company-paid Short-Term and Long-Term Disability Insurance
Company-paid Group Life insurance
Company-paid Employee Assistance Program (EAP) and Calm App subscription
Employee-paid Pet Insurance and optional supplemental insurance coverage
Vested 401(k) with company match and financial wellness programs
Flexible Spending Account (FSA), Health Savings Account (HSA) and commuter benefits options
Paid maternity leave, paid paternity leave, and fertility benefits
Career growth and learning opportunities
…and so much more!

Please note: This list is not reflective of all benefits. Enrollment waiting periods or eligibility criteria may apply to certain benefits. Offerings may vary based on subsidiary entity or geographic location.

California residents can learn more about our privacy practices for applicants by visiting the Acrisure California Applicant Privacy Policy available at www.Acrisure.com/privacy/caapplicant.