GRC Analyst II

Are you ready to take your cybersecurity expertise to the next level? Join a fast-paced, innovative team that’s passionate about protecting information, driving impactful change, and staying ahead of the curve in cybersecurity. As a GRC Analyst II, you’ll play a vital role in shaping and evolving our Governance, Risk, and Compliance (GRC) program while working in a fun, collaborative environment where your ideas make a difference.

We’re looking for someone who thrives on autonomy, loves solving complex problems, and wants to help build a stronger, more secure organization. This is a chance to combine technical knowledge with creativity and lead exciting initiatives like improving our security awareness programs and partnering on process improvements. If you’re ready to make cybersecurity both impactful and engaging, this could be the job for you!

What You’ll Do

Create Impactful Policies and Controls

• Develop and maintain cybersecurity policies, standards, and guidelines.
• Ensure compliance with industry best practices, regulatory requirements, and leading cyber frameworks.
• Communicate policies across the organization to keep stakeholders informed and engaged.

Drive Security Awareness

• Design and deliver creative, effective cybersecurity awareness training programs.
• Plan exciting awareness events and campaigns to engage employees.
• Monitor and measure the success of security initiatives to ensure they’re making a difference.

Own Risk Management

• Conduct risk assessments and develop strategies to mitigate identified risks.
• Manage third-party risks by evaluating external vendors and fostering secure relationships.
• Present clear, actionable cybersecurity metrics and key risk indicators to leadership.

Ensure Compliance

• Oversee and maintain compliance with PCI-DSS, SOX, and privacy regulations.
• Perform gap assessments, design action plans, and work with auditors to meet compliance goals.
• Stay ahead of regulatory changes and help the organization adapt quickly.

What We’re Looking For

The Essentials :

• A Bachelor’s degree in Cybersecurity or related field OR equivalent work experience (4 years).
• At least 5 years of experience in cybersecurity, including 3 years in a GRC-focused role.
• Knowledge of cybersecurity control frameworks (NIST CSF is a big plus).
• Familiarity with PCI-DSS, SOX, and privacy compliance.
• Proven experience building and delivering security awareness programs.

What Sets You Apart :

• Strong communication skills, both written and verbal, with the ability to tailor your message to different audiences.
• A proactive, problem-solving mindset.
• A knack for balancing technical rigor with creative approaches to security challenges.

Why You’ll Love It Here

• A dynamic, fast-paced workplace that values innovation and creativity.
• Opportunities to lead meaningful projects and make a real impact.
• A team that supports your growth and celebrates wins together.

If you’re ready to make cybersecurity both exciting and effective, apply today and bring your expertise to a team that’s shaping the future of security!