GRC Analyst

• Job Purpose

  This role reports to the Sr. Director of Security & Compliance and will manage aspects of corporate compliance and risk management, including internal audits, external audits, and customer and vendor audits.  The Staff GRC Analyst will ensure that the organization's Information Security policies and procedures are implemented and well documented and that compliance issues are identified, and remediation plans formalized in a timely fashion. The Staff GRC Analyst will perform internal reviews and develop risk management strategies to avoid non-compliance.  

  Key Responsibilities

  • Provides point of contact for assigned audits which may include customer audits, statutory/regulatory audits, SOC 2, PCI or others as needed
  • Serve as company representative with clients and partners, responding to security questionnaires and managing audits
  • Performs risk assessments, analysis, and synthesis of internal IT & business process controls
  • Ability to conduct, evaluate, test, and document internal controls assessments
  • Ability to communicate identified control weaknesses and provided recommendations for remediation and risk mitigation
  • Compliance audit reviews, and remediation testing of issues identified during third-party assurance reviews or internal assessments
  • Advises internal business clients on the effectiveness of corrective action plans in the event of non-compliance or detected vulnerabilities in their environment.
  • Contributes to various project requests from functional teams to increase operational efficiency, strengthen the IT environment, and help meet the company's internal and external regulatory or compliance requirements.
  • Performs ad-hoc compliance requests or additional duties as assigned

ABOUT OUR PLATFORM

Tungsten Automations Intelligent Automation software platform helps government agencies transform information-intensive business processes, reduce manual work and errors, minimize costs, and improve customer engagement. We combine Generative AI, Knowledge Management, Intelligent Document Processing, Process Orchestration, mobility and engagement, and analytics to ease implementations and deliver dramatic results that mitigate compliance risk and increase competitiveness, growth and profitability—particularly crucial for highly regulated industries facing complex compliance requirements. No other software vendor offers a platform of complementary technologies integrated into a scalable, manageable software platform, positioning us to grow and dominate the process automation space. 

While the job description describes what is anticipated as the requirements of the position, the job requirements are subject to change based upon any changing needs and requirements of the business.

• Qualifications

  • Prior experience conducting internal and external risk assessments and compliance measures and / or remediation items and implementing and enforcing policies and procedures
  • Familiar with GRC tools for managing audit controls, evidence gathering and reporting
  • Experience with CIS or ISO audit programs
  • Experience performing third party assurance assessments
  • Excellent client/interdepartmental relationship and customer service skills, with a clear client focus
  • High degree of independence and exceptional work ethic with a team player attitude and a detailed- and solution-oriented mind
  • Familiarity with core IT and Information Security Technologies
  • Exceptional interpersonal, written, and oral communication skills

• Required Experience

  • Certifications in GRC
  • See Qualifications section
  • Experience with risk management tools
  • Excellent documentation skills

Tungsten Automation Corporation, Inc. is an Equal Opportunity Employer M/F/Disability/Vets

The base salary range for this role, across the US, is $107,190 - $120,716. Your actual base pay within this range will be determined by your work location as well as skills, qualifications, experience, and relevant education/training. The range provided reflects only the base salary for the role and does not include benefits.