GRC Analyst

The GRC analyst helps maintain A-LIGN’s management system as it relates to information security standards. In this role, you will be responsible for the coordination, maintenance, and improvement of A-LIGN’s corporate compliance program, including internal and external audits.

Director of Compliance and Program Management

Full-Time

• →Support information security compliance programs across applicable frameworks, including SOC 2, ISO 27001, ISO 42001, FedRAMP, CMMC, and NIST 800-53/171
• →Coordinate audit, assessment and testing activities with internal and external stakeholders
• →Validate identified findings and nonconformities, manage remediation tracking, monitor resolution progress, and report status to stakeholders
• →Review, update, and maintain information security documentation in accordance with applicable standards and organizational objectives
• →Maintain and update the GRC platform (Optro) current with risk, control, and compliance data
• →Assist with the implementation and ongoing management of data loss prevention (DLP) programs, including false positive identification, policy violations, incident monitoring and response coordination
• →Support third-party risk management activities, including contractor oversight and vendor due diligence reviews
• →Assist with client-issued security questionnaires and assessments
• →Assist with risk management, vulnerability management, incident reviews, data disposal reviews, and BC/DR planning and testing
• →Monitor and track employee completion of security training and awareness programs

EDUCATION

• Bachelor’s degree in management information systems, Information Security, Cybersecurity, Business or a related field or an equivalent combination of education and experience

EXPERIENCE

• At least 1 year of IT security, governance, risk, or compliance-related experience
• Knowledge of security and risk frameworks
  • Preferred knowledge of SOC 2, ISO 27001, ISO 42001, FedRAMP, CMMC, NIST 800-53, NIST 800-171
• Preferred: Knowledge of GRC tools (Optro, OneTrust, etc.)

CERTIFICATIONS         

• Preferred: CISA, CISM, Security+, CCSK, ISO Lead Auditor

SKILLS

• Ability to meet deadlines with a high degree of motivation
• Excellent critical thinking and problem-solving skills
• Strong communication and organizational skills
• Thrives in a fast-paced environment
• Ability to work individually as well as collaboratively

A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com. 

Apply online today at A-LIGN.com and learn about life at A-LIGN by following us on LinkedIn.  

A-LIGN is an Equal Opportunity Employer.