Company hidden
5 hours ago

Lead Security Risk Analyst (GRC)

192 500 - 211 750$
Work format
hybrid
Employment type
fulltime
Grade
lead
English
b2
Country
US
Vacancy from Hirify Global, a list of international tech companies

Job description

TL;DR

Lead Security Risk Analyst (GRC): Leading governance, risk, and compliance initiatives to protect company assets, employees, and customers, with an emphasis on cyber risk management, vendor security, and regulatory compliance. Focus on developing risk frameworks, driving security assessments, and building a risk-aware culture across the organization.

Location: Hybrid in New York, New York, USA

Salary: $192,500–$211,750 per year

Company

hirify.global is a startup focused on solving HR issues by enabling businesses to focus on running their operations, offering a supportive and entrepreneurial environment.

What you will do

  • Develop and execute GRC strategy and multi-year roadmaps to mature the GRC function.
  • Lead cyber risk management, vendor security assessments, security training, and compliance programs including SOC2 and GDPR.
  • Collaborate cross-functionally with Engineering, IT, People, and Finance to meet control requirements and support audits.
  • Drive security assessments, risk identification, treatment, and monitoring via risk registers.
  • Build and mature vendor risk management programs and oversee third-party vendor relationships.
  • Mentor GRC analysts and work with security teams to enhance GRC capabilities.

Requirements

  • Location: Hybrid role based in New York City
  • 7+ years in cybersecurity with leadership in GRC projects across cyber risk, vendor security, compliance, and security awareness.
  • Deep knowledge of risk assessment methodologies including NIST 800-53 and CIS.
  • Experience with operational risk management, third-party assessments, and regulatory compliance.
  • Technical understanding of cloud security in AWS environments.
  • Strong communication, organizational, and analytical skills with ability to influence cross-functional teams.

Nice to have

  • Security certifications such as CISSP, CISM, CRISC, or CISA.
  • Experience with GRC tools like Archer, Workiva, or LogicGate.

Culture & Benefits

  • Welcoming and casual environment with wellness programs and company retreats.
  • Focus on core values: Camaraderie, Openness, Grit, Integrity, and Simplicity.
  • Supportive entrepreneurial culture with opportunities to learn from startup leaders.
  • Commitment to diversity, equity, inclusion, and accessibility.

Be careful: if you are asked to sign in to iCloud/Google, send a code or password, or run code or software, do not do it; these are scammers. Be sure to click "Report" or contact support.