
Governance, Risk and Compliance Analyst
Posted 2 days ago

Posted 2 days ago
This is a fully remote position, open to applicants in United States.
β’ Ensure that the requirements for the compliance assurance program control are properly documented, and that processes are in place to validate the effectiveness of these controls.
β’ Work together with cross-functional teams to collect and validate compliance artifacts that meet both internal and external requirements and obligations.
β’ Engage in annual and ad-hoc risk assessments alongside internal stakeholders.
β’ Contribute to initiatives aimed at obtaining compliance attestations and certifications, such as ISO-27001, SOC 2, and PCI-DSS.
β’ Aid in identifying control deficiencies and monitor the progress of remediation efforts.
β’ Ensure that third-party vendors fulfill Aderant's security and compliance requirements by gathering and reviewing assessment questionnaires, artifacts, and attestation documents.
β’ Support additional governance activities including business continuity testing, data mapping, and disaster recovery exercises.
β’ Take part in the coordination and implementation of the security awareness training program, which includes creating security advisories and facilitating training activities and simulated phishing campaigns.
β’ Assist in the review and updating of security and compliance policies and procedures to ensure they accurately reflect business needs and align with industry-leading security practices.
β’ Help formulate information security metrics and dashboards that illustrate adherence to defined KPIs.
β’ Respond to customer questionnaires related to Aderant's security, compliance, and overall posture, collaborating with other teams as necessary.
β’ 2 to 5 years of pertinent experience in an Information Security or Governance, Risk, and Compliance (GRC) role.
β’ The capability to identify opportunities for risk reduction, detect and remediate vulnerabilities, and ensure compliance and audit readiness.
β’ Familiarity with regulatory frameworks and standards, including but not limited to ISO 27001, ISO 27701, ISO 42001, AIUC, PCI DSS, NIST CSF, CIS Top 20, GDPR, and/or CCPA.
β’ Basic technical knowledge of cloud service platforms such as AWS, Azure, etc.
β’ Proficient in Microsoft Office Suite, particularly Excel, PowerPoint, and Teams.
β’ Basic understanding and experience with AI tools like ChatGPT, Claude, MS Copilot, etc.
β’ Experience utilizing GRC automation platforms.
β’ Strong analytical abilities and the capacity to understand and document complex business process data flows.
β’ A high degree of professionalism, attention to detail, strong organizational skills, team orientation, dedication, resourcefulness, and a willingness to learn.
β’ Ability to manage multiple tasks and priorities while demonstrating effective time management and communication skills.
β’ Excellent communication skills, with the ability to convey basic security concepts to both technical and non-technical stakeholders.
β’ Health insurance
β’ Professional development opportunities
Airbnb
Fruitful
Tenpoint Therapeutics, Ltd.
Cover Whale
Get handpicked remote jobs straight to your inbox weekly.