Plus
Включить Plus
Назад
Company hidden
2 дня назад

Senior GRC Analyst (Fintech)

130 000 - 160 000$
Формат работы
remote (только USA)/hybrid
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
US/Canada
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Senior GRC Analyst (Fintech): Operating and maturing governance, risk, compliance, and audit readiness programs for a high-growth fintech platform with an accent on SOC 2, ISO 27001, and HITRUST frameworks. Focus on building scalable security policies, managing customer assurance questionnaires, and bridging the gap between technical security requirements and business operations.

Location: Must be based in the United States or Canada. The role is remote but requires attendance at company-wide on-site events 3-4 times per year and occasional office travel.

Salary: $130,000–$160,000 + Equity

Company

hirify.global is a fintech platform helping companies reimagine employee benefits through a highly customizable and easy-to-use solution.

What you will do

  • Maintain and improve information security policies, standards, and control documentation.
  • Support SOC 2, ISO 27001, and HITRUST readiness, audit preparation, and evidence collection.
  • Manage customer security questionnaires, RFP security sections, and due diligence requests.
  • Track audit findings, control gaps, and remediation plans across the organization.
  • Support risk assessments, internal reviews, and maintenance of the risk register.
  • Use GRC platforms to improve evidence collection, control monitoring, and reporting.

Requirements

  • 5+ years of experience in GRC, information security compliance, or IT audit.
  • Must be based in the United States or Canada.
  • Hands-on experience supporting SOC 2 audits and readiness activities.
  • Working knowledge of ISO 27001/27002, HITRUST, NIST CSF, or similar frameworks.
  • Experience responding to customer security questionnaires and RFP security sections.
  • Ability to communicate security and compliance expectations clearly to technical and non-technical teams.

Nice to have

  • Certifications such as CISA, CISM, CRISC, HITRUST CCSFP, or Security+.
  • Experience supporting HIPAA, PCI DSS, or GDPR frameworks.
  • Experience in a startup or high-growth technology company.
  • Familiarity with customer trust centers and security assurance portals.

Culture & Benefits

  • 95% coverage of medical, dental, and vision insurance.
  • $250 one-time WFH setup stipend.
  • $500/year Learning & Development benefit.
  • Monthly stipends for cell phone, internet, wellness, and co-working/commuting.
  • Flexible PTO policy.
  • Regular team on-site events.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →