This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Senior Security GRC Analyst in the United States.
In this role, you will lead governance, risk, and compliance (GRC) initiatives to ensure that security controls and practices meet regulatory and business requirements. You will manage risk registers, drive remediation of control gaps, and provide guidance to teams across the organization. This position requires collaboration with both technical and non-technical stakeholders to integrate cybersecurity and privacy principles into daily operations. You will support audits, certifications, and third-party risk assessments while helping build a culture of security awareness. The role offers a hybrid work environment with the opportunity to shape enterprise-wide risk management programs and influence strategic security decisions. Ideal candidates bring deep experience in security frameworks, compliance, and risk management, combined with strong analytical and communication skills.
Accountabilities
- Validate and verify organizational security controls against frameworks such as ISO 27001, ISO 27701, PCI, SOC 2, and other relevant regulatory standards.
- Manage the IT Risk Register, including identification, tracking, prioritization, and reporting of risks.
- Drive remediation of control deficiencies and gaps, partnering with control owners to implement effective solutions.
- Provide guidance on planning, designing, operating, maintaining, and remediating control activities, policies, and processes.
- Communicate cybersecurity risk and compliance status to stakeholders and leadership through clear reporting.
- Support customer trust initiatives, including security assessments and questionnaire responses.
- Develop risk metrics and reports for management, tracking control maturity, compliance status, and performance.
- Assist with third-party risk management, ensuring consistent enforcement of information security requirements.
Requirements
- 8+ years of experience supporting cybersecurity risk or controls management programs.
- In-depth knowledge of security frameworks including ISO 27001, ISO 27701, PCI-DSS, SOC, NIST CSF, and other regulatory requirements.
- Experience managing audits, certification programs, and control assessments, including scoping, control testing, and risk mapping.
- Strong ability to define and execute program vision, strategy, and milestones aligned with organizational priorities.
- Proven collaboration skills with engineers, business teams, and security partners to embed security controls seamlessly.
- Familiarity with IT infrastructure, networks, databases, ERP systems, and cloud environments.
- Preferred certifications: CISA, CISM, CISSP, CRISC.
- Experience in the AI infrastructure, machine learning, or computer hardware industry is a plus.
- Familiarity with Security by Design and Privacy by Design principles, and third-party tools like AuditBoard, Whistic, RSA Archer, or ServiceNow.
Benefits
- Competitive salary: $154K – $200K, with compensation adjusted based on experience and role requirements.
- Health, dental, and vision coverage for employees and dependents.
- Flexible paid time off plan.
- 401(k) plan with company match.
- Wellness and commuter stipends for select roles.
- Hybrid work environment with designated work-from-office days.
- Opportunity to work in a high-growth, AI-focused technology environment.
Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.
When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly.
🔍 Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience, and achievements.
📊 It compares your profile to the job’s core requirements and past success factors to determine your match score.
🎯 Based on this analysis, we automatically shortlist the 3 candidates with the highest match to the role.
🧠 When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.
The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role. Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or assessments) are made by their internal hiring team.
Thank you for your interest!