Illumio

Senior GRC Analyst

Illumio

full-time

Posted on:

Location Type: Remote

Location: Remote • New York • 🇺🇸 United States


Salary

💰 $123,000 - $140,000 per year

Job Level

Senior

About the role

  • Lead and manage SOC 2 Type 2, ISO 27001, and PCI audit preparation and execution processes, ensuring alignment with regulatory standards.
  • Develop, implement, and maintain GRC programs, policies, and procedures that adhere to relevant standards and best practices.
  • Collaborate with stakeholders to define control objectives, identify risks, and implement remediation actions.
  • Conduct gap assessments and manage risk assessments to identify potential compliance and security risks.
  • Provide guidance on regulatory requirements and support initiatives to achieve and maintain compliance.
  • Work with external auditors and coordinate audit activities to ensure successful audit outcomes.
  • Stay up-to-date on regulatory changes, industry standards, and best practices to continuously improve the GRC program.
  • Occasionally contribute to customer responses on an as-needed basis, if time permits.
  • Assist with the on-call rotation to monitor the Security ticket queue. Hours are typically 9:00am to 7:00pm, with best effort on Saturday and Sunday (approximately a 12-week rotation).

Requirements

  • Bachelor's Degree in Information Systems Management, Accounting, or a related field, or a Master's Degree in a relevant field.
  • At least one of the following certifications: CISSP, CISA, CISM, CRISC, or similar certifications relevant to GRC and compliance.
  • 8+ years of experience in GRC or Compliance, with hands-on experience managing SOC 2 Type 2, ISO 27001, ISO 27701, and PCI audits.
  • Deep understanding of risk management, governance, and compliance frameworks.
  • Proficiency in control frameworks such as COSO, COBIT, and NIST.
  • Strong project management skills with a detail-oriented approach.
  • Excellent written and verbal communication skills, with the ability to articulate compliance issues to key stakeholders.
  • Experience with other compliance frameworks or certifications (e.g., GDPR, HIPAA) is a plus.
  • Experience using GRC tools and software is a plus.

Benefits

  • Medical, Dental, Vision Coverage
  • Health and Dependent Savings Accounts
  • Life and Disability Programs
  • Paid Parental Leave
  • Voluntary Benefit Programs
  • Company Sponsored Wellness Program
  • Wellness Reimbursement Program
  • Retirement Savings
  • Equity Opportunities
  • Paid time off
  • Paid Holidays
  • Employee Incentive Program

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

GRC programs, SOC 2 Type 2, ISO 27001, PCI audits, risk management, governance frameworks, compliance frameworks, control frameworks, COSO, NIST

Soft skills

project management, detail-oriented, written communication, verbal communication, stakeholder engagement

Certifications

CISSP, CISA, CISM, CRISC