Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
P

Senior GRC Analyst

PrizePicks

Senior GRC Analyst at PrizePicks managing governance, risk, and compliance initiatives. Leading cross-department collaboration and regulatory compliance processes in a fast-paced environment.

Posted 7/8/2026full-timeRemote • 🇺🇸 United StatesSenior💰 $110,000 - $120,000 per yearWebsite

Tech Stack

Tools & technologies
SDLC

About the role

Key responsibilities & impact
  • Own the ongoing review and maintenance of organizational security policies, standards, and procedures. Assist in identifying policy gaps based on evolving regulatory requirements, business needs, and industry best practices.
  • Serve as a primary cross-functional coordinator with other dedicated compliance teams (e.g., Legal, Regulatory Affairs, Internal Audit) to design and maintain a unified, strategic governance roadmap that ensures all corporate compliance activities are aligned, documented, and consistently executed across the enterprise.
  • Lead security risk assessments for new and renewing third-party vendors third-party vendors as part of the procurement lifecycle. Track remediation items and collaborate with stakeholders to address identified risks.
  • Coordinate and support the organization's annual security audits and certifications (e.g., SOC 2, PCI, CIS). Coordinate evidence collection, track action items, communicate with stakeholders, and assist with audit readiness activities. Lead cross-functional coordination with internal SMEs to support evidence collection activities with internal SMEs to support the internal evidence gathering process across multiple departments, reviewing appropriateness, tracking action items, and ensuring timely submission of required documentation.
  • Assist with the administration and continuous improvement of the company’s security awareness and training program, including tracking completion metrics and updating training content as needed.
  • Work in close partnership with Legal and Regulatory teams to interpret new and changing compliance requirements. Provide security insight to ensure corporate practices and technology align with legal and regulatory mandates.
  • Proactively identify and drive improvements to the efficiency, consistency, and scalability of GRC processes of GRC processes and documentation. Contribute to initiatives that enhance operational maturity and reduce organizational risk. Ensuring internal tools and processes meet control objectives and reduce organizational risk.
  • Maintain and help evolve risk and issues registries, tracking exceptions, risk owners, update timelines, and supporting broader risk management initiatives across Security and IT functions.

Requirements

What you’ll need
  • 5+ years of experience in Governance, Risk, and Compliance (GRC), Information Security, IT Audit, or related fields.
  • Experience independently managing audits, compliance initiatives, or governance programs with limited supervision.
  • Experience working with security and compliance frameworks such as SOC 2, ISO 27001, SOX 404, PCI-DSS, NIST, GDPR, CIS or similar standards.
  • Familiarity with audit processes including evidence gathering / review, remediation tracking, and auditor coordination.
  • Experience maintaining or developing security policies, standards, and procedures.
  • Hands-on experience conducting Third-Party Risk Management (TPRM) assessments, including vendor security reviews, questionnaire evaluations, risk analysis, remediation tracking, and ongoing monitoring of third-party risk throughout the vendor lifecycle.
  • Experience identifying, documenting, tracking, and communicating security and compliance risks to technical and non-technical stakeholders, including supporting risk remediation and exception management processes.
  • Experience working with GRC platforms and tooling to manage compliance activities, risk registers, policy lifecycle management, audit evidence collection, and workflow automation.
  • Experience interpreting and mapping security and compliance controls to operational processes and evidence requirements, including refining control language, validating control applicability, and ensuring appropriate evidence collection aligns with audit and compliance expectations.
  • Familiarity with the impact of Governance, Risk, and Compliance (GRC) on the Secure Software Development Life Cycle (SSDLC) and IT operations.
  • Experience supporting privacy and data protection compliance initiatives, including CCPA, consumer privacy regulations, and broader PII/data handling protection requirements across business and technology environments.
  • Strong written and verbal communication skills with the ability to collaborate across technical and non-technical teams.
  • Strong organizational skills and ability to manage multiple priorities effectively.Strong project management experience.

Benefits

Comp & perks
  • Company-subsidized medical, dental, & vision plans
  • 401(k) plan with company match
  • Annual bonus
  • Flexible PTO to encourage a healthy work/life balance (2 weeks STRONGLY encouraged!)
  • Generous paid leave programs, including 16-week paid parental leave and disability benefits
  • Workplace flexibility and modern work schedules focused on getting the job done, not hours clocked
  • Company-wide in-person events and team outings
  • Lifestyle enhancement program
  • Company equipment provided (Windows & Mac options)
  • Annual performance reviews with opportunities for growth and career development

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Risk AssessmentCompliance AuditingEvidence GatheringRemediation TrackingSecurity Standards DevelopmentRegulatory ComplianceControl MappingData Protection ComplianceVendor Security ReviewsPolicy Lifecycle Management
Soft Skills
Strong Written CommunicationStrong Verbal CommunicationOrganizational SkillsProject ManagementCollaboration