FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
Senior GRC Analyst
Amynta GroupSenior GRC Analyst at Amynta Group managing information security risks and compliance assessments. Collaborating with IT and business stakeholders to enhance governance and risk management processes.
Tech Stack
Tools & technologiesCyber Security
About the role
Key responsibilities & impact- Independently assess, analyze, and document information security risks across systems, applications, and technology‑enabled processes using a risk‑based approach.
- Support and maintain the information security governance framework, including policies, standards, procedures, and control documentation.
- Assess the design and operating effectiveness of security controls and provide risk‑based recommendations to Information Security leadership.
- Monitor and report on adherence to internal security policies and applicable regulatory and contractual requirements.
- Identify, track, and report control deficiencies and policy violations; partner with stakeholders to drive corrective actions.
- Support internal and external audits, regulatory examinations, and customer assurance activities, including evidence coordination, audit responses, and remediation tracking.
- Provide governance and coordination support for SOC 2 Type 2 assurance activities, including control readiness, internal testing, and auditor engagement.
- Develop and maintain a centralized security knowledge base to streamline customer, partner, and due‑diligence responses.
- Execute security awareness and training activities, including platform administration and phishing simulations.
- Partner with IT, Legal, and business stakeholders to ensure security requirements are understood and incorporated into relevant processes.
- Support the development and implementation of the IT vendor risk management program, including third‑party risk assessments and vendor risk tracking.
- Contribute to continuous improvement of GRC processes, tooling, and reporting.
- Perform other duties consistent with the scope of the role.
Requirements
What you’ll need- Bachelor’s degree in Information Systems, Information Security, Risk Management, Cybersecurity, or a related discipline; equivalent practical experience may be considered.
- 4–7 years of progressively responsible experience in information security, governance, risk and compliance (GRC), risk management, compliance, audit, or related IT security functions.
- Proven experience supporting security, IT, or compliance audits (e.g., SOC, ISO, internal audit, regulatory examinations), including audit readiness, evidence collection, and remediation tracking.
- Experience assessing information security risks, evaluating control effectiveness, and identifying compliance gaps.
- Working knowledge of common security frameworks and regulatory standards such as NIST, ISO 27001, SOC, NYDFS Part 500, PCI-DSS, or similar frameworks.
- Professional certifications such as CISA, CRISC, CISSP, or ISO 27001 are preferred, but not required.
- Legally authorized to work in the United States without current or future employer sponsorship.
Benefits
Comp & perks- Health insurance
- Flexible work arrangements
- Professional development opportunities
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
information securityrisk managementgovernancecomplianceauditsecurity controlssecurity frameworksrisk assessmentscontrol effectivenesssecurity awareness
Soft Skills
analytical skillscommunicationstakeholder engagementorganizational skillsproblem-solvingcollaborationattention to detailcontinuous improvementtrainingdocumentation
Certifications
CISACRISCCISSPISO 27001