Назад
Company hidden
19 часов назад

Senior GRC Analyst (Cybersecurity)

Формат работы
hybrid
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Senior GRC Analyst (Cybersecurity): Ensuring compliance with contractual and regulatory requirements and assessing control design against common standards with an accent on cyber, contract, and regulatory compliance risk management. Focus on performing third-party risk assessments, monitoring the global legal landscape, and driving operational efficiency through automation and GenAI.

Location: Hybrid (Overland Park, KS or Cary, NC, US)

Company

hirify.global is a 100% employee-owned global leader in sustainable infrastructure, engineering, procurement, consulting, and construction.

What you will do

  • Review client contract provisions related to data security, breach reporting, and cyber resilience to measure compliance.
  • Support independent certifications and audits by collecting documentation and evidence from peer groups and lines of business.
  • Monitor the global regulatory and legal landscape to ensure alignment of policies with contractual and legal requirements.
  • Collaborate with D&IT groups to collect KPIs and KRIs and implement automation to drive efficiency.
  • Conduct third-party risk assessments and communicate vendor engagement risks to business owners.
  • Develop user training aligned with the current cyber threat landscape and establish performance metrics.

Requirements

  • Bachelor’s degree in Information Systems, Information Security, or a related field.
  • 7–10 years of experience in GRC executing or auditing against standards, frameworks, and industry regulations.
  • Proficiency in risk assessment methodologies and familiarity with NIST CSF, ISO 27001, and AICPA SOC.
  • Solid understanding of information security principles, cyber laws, and privacy regulations.
  • Must be based in the US; Visa sponsorship is not available.

Nice to have

  • Professional certifications such as CRISC, CISSP, or equivalent.
  • Experience with the ServiceNow Risk Management platform.
  • Knowledge of FAR, DFARS, and CMMC.

Culture & Benefits

  • 100% ESOP-owned company with stock ownership rewards.
  • Hybrid work environment to support work-life balance.
  • Comprehensive benefits starting day one, including medical, dental, vision, and a robust wellness program.
  • Company-matched 401k plan.
  • Flexible work schedules, paid vacation, holiday time, and sick leave.
  • Tuition reimbursement and adoption reimbursement.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →