MeridianLink
Governance, Risk, and Compliance Audit Analyst #1819
MeridianLink, Washington, District Of Columbia, United States, 20001
Governance, Risk, and Compliance Audit Analyst
The GRC Analyst, professional level 2, of the Security Operations and Compliance subfamily of the IS and Compliance job family, is responsible for the organization's information security, compliance, and risk management programs to safeguard internal company data and the data of our clients. The Security Operations and Compliance subfamily is responsible for the management of the company's information security policies, processes, and toolsets; vendor risk management in terms of their information security practices; audit; and compliance with internal security policies, government regulations, vendor security requirements, and customer security requirements. The GRC Analyst will conduct risk assessments for systems, products, and vendors to ensure compliance with government agencies and customer requirements. The professional level 2 role will answer client and vendor questions regarding the company's compliance with information security standards. The role will build and lead the day-to-day security and privacy compliance, governance, and risk management functions at a fast-growing SaaS startup. Responsibilities
The GRC Analyst will lead auditors through evidence collection and observations Expected to be responsible for customer satisfaction with compliance responses Responsible for leading risk remediation methods and identification tactics The GRC Analyst will work with cross-functional teams to build and operate controls and processes that satisfy an array of security and privacy-related regulatory requirements The role will facilitate risk assessments, maintain a risk register, and proactively communicate risk with management Expected to lead the response to customer security questionnaires, RFPs, and inquiries about our Security & Compliance program Qualifications: Knowledge, Skills, and Abilities
Ability to determine a course of action based on guidelines and adapt processes and methods as required. Exercise judgment within defined procedures and practices to determine appropriate actions. Build productive internal and external working relationships to resolve mutual problems through collaboration. Bachelor's degree and 2-4 years of related experience or equivalent work experience.
The GRC Analyst, professional level 2, of the Security Operations and Compliance subfamily of the IS and Compliance job family, is responsible for the organization's information security, compliance, and risk management programs to safeguard internal company data and the data of our clients. The Security Operations and Compliance subfamily is responsible for the management of the company's information security policies, processes, and toolsets; vendor risk management in terms of their information security practices; audit; and compliance with internal security policies, government regulations, vendor security requirements, and customer security requirements. The GRC Analyst will conduct risk assessments for systems, products, and vendors to ensure compliance with government agencies and customer requirements. The professional level 2 role will answer client and vendor questions regarding the company's compliance with information security standards. The role will build and lead the day-to-day security and privacy compliance, governance, and risk management functions at a fast-growing SaaS startup. Responsibilities
The GRC Analyst will lead auditors through evidence collection and observations Expected to be responsible for customer satisfaction with compliance responses Responsible for leading risk remediation methods and identification tactics The GRC Analyst will work with cross-functional teams to build and operate controls and processes that satisfy an array of security and privacy-related regulatory requirements The role will facilitate risk assessments, maintain a risk register, and proactively communicate risk with management Expected to lead the response to customer security questionnaires, RFPs, and inquiries about our Security & Compliance program Qualifications: Knowledge, Skills, and Abilities
Ability to determine a course of action based on guidelines and adapt processes and methods as required. Exercise judgment within defined procedures and practices to determine appropriate actions. Build productive internal and external working relationships to resolve mutual problems through collaboration. Bachelor's degree and 2-4 years of related experience or equivalent work experience.