GRC Analyst

About the Role

The GRC analyst helps maintain A-LIGN’s management system as it relates to information security standards. In this role, you will be responsible for the coordination, maintenance, and improvement of A-LIGN’s corporate compliance program, including internal and external audits.

Reports to

Director of Compliance and Program Management

Pay Classification

Full-Time

Responsibilities 

• Participate in A-LIGN’s management system as it relates to information security standards (including, but not limited to, SOC 2, ISO 27001, NIST 800-53, NIST 800-171)
• Manage the annual audit calendar.
• Coordinate annual audit activities with both external and internal stakeholders.
• Participate in internal and external audit activities.
• Review and track identified non-conformities and opportunities for improvement resulting from audits.
• Prepare regular compliance reports.
• Review, update, and manage documentation in line with information security standards and corporate objectives.
• Complete third-party questionnaires from clients
• Support the vendor management process.
• Participate in business continuity and disaster recovery planning and test execution.

Minimum Qualifications

EDUCATION

• Bachelor’s degree in management information systems, Information Security, Cybersecurity, Business or a related field or an equivalent combination of education and experience

EXPERIENCE

• At least 1 year of IT security, governance, risk, or compliance-related experience
• Knowledge of security and risk frameworks
  • Preferred knowledge of SOC 2, ISO 27001, NIST 800-53, NIST 800-171
• Preferred: Knowledge of GRC tools (OneTrust, RSA Archer, Oracle, etc.)

CERTIFICATIONS         

• Preferred: CISA, CISM, Security+, CCSK, ISO Lead Auditor

SKILLS

• Ability to meet deadlines with a high degree of motivation
• Excellent critical thinking and problem-solving skills
• Strong communication and organizational skills
• Thrives in a fast-paced environment
• Ability to work individually as well as collaboratively

Benefits

• Employer Paid Life & Health Insurance
• Competitive Bonus Structure
• Home Office Reimbursement
• Technology Allowance
• Certification Reimbursement
• BeneficiaT Discount Loyalty Program
• Personalized Career Coaching
• Generous Paid Time Off
• Paid Office Closure December 25-January 1
• Summer Hours

About A-LIGN 

A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com. 

Come Work for A-LIGN! 

Apply online today at A-LIGN.com and learn about life at A-LIGN by following us on LinkedIn.  

A-LIGN is an Equal Opportunity Employer.