GRC Analyst for US Fintech Company - Remote Americas

GRC Analyst - Remote (Americas)

Our client, an innovative fintech company, is seeking a skilled Governance, Risk, and Compliance (GRC) Analyst to join their team. This full-time, permanent position offers the opportunity to work 100% remotely from anywhere in the Americas.

Position Overview

As a GRC Analyst reporting directly to the Head of Security, you will play a pivotal role in shaping and maintaining the organization's governance, risk, and compliance programs. Your expertise will be crucial in ensuring adherence to regulatory requirements, industry standards, and internal policies.

Key Responsibilities

- Lead SOC 2 audit preparation and ongoing compliance efforts

- Utilize Vanta to automate and streamline compliance processes

- Implement and maintain NIST Cybersecurity Framework (CSF) controls

- Ensure compliance with NYDFS Cybersecurity Regulations

- Conduct thorough risk assessments and develop effective mitigation strategies

- Create and update policies, procedures, and controls documentation

- Collaborate with internal stakeholders to implement and monitor security controls

- Prepare comprehensive reports for management on compliance status and risk exposure

- Stay informed about evolving regulatory requirements and industry best practices

Required Qualifications

- Bachelor's degree in Information Security, Computer Science, or a related field

- Minimum 3 years of experience in GRC, information security, or related roles

- Proven experience with SOC 2 audit preparation and compliance

- Proficiency with Vanta or similar compliance automation tools

- Strong knowledge of NIST CSF and NYDFS Cybersecurity Regulations

- Excellent analytical and problem-solving skills

- Outstanding written and verbal communication abilities

- Fluency in English at the C2 level

- Self-motivated with the ability to work independently in a remote environment

Preferred Qualifications

- ISACA CISA certification

- Experience in the fintech or financial services industry

- Familiarity with other frameworks such as ISO 27001, GDPR, or PCI DSS

What Our Client Offers

- Competitive salary based on local market rates

- Comprehensive benefits package

- 100% remote work environment

- Opportunity to contribute significantly to a growing fintech company's security posture

- Continuous learning and professional development opportunities

Our client is an equal opportunity employer and values diversity. They do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

If you are passionate about GRC and ready to make a substantial impact in a dynamic fintech environment, we encourage you to apply. Please submit your resume in English.