Governance, Risk, & Compliance Analyst
Chicago
Full Time Entry-level / Junior USD 75K - 85K
PAR Technology
Discover PAR’s transformational, single-source approach including POS, Omnichannel Ordering, Loyalty, Data, Payments, and more.
For over four decades, PAR Technology Corporation (NYSE: PAR) has been a leader in restaurant technology, empowering brands worldwide to create lasting connections with their guests. Our innovative solutions and commitment to excellence provide comprehensive software and hardware that enable seamless experiences and drive growth for over 100,000 restaurants in more than 110 countries. Embracing our "Better Together" ethos, we offer Unified Customer Experience solutions, combining point-of-sale, digital ordering, loyalty and back-office software solutions as well as industry-leading hardware and drive-thru offerings. To learn more, visit partech.com or connect with us on LinkedIn, X (formerly Twitter), Facebook, and Instagram.
Position Description:
PAR is looking for a Governance, Risk, & Compliance (“GRC”) Analyst, reporting to the Vice President of GRC. PAR is an international, fast-paced, high-growth environment and our tech stack is cloud and SaaS first, with a limited on-prem footprint. Our ideal candidate will embrace diverse perspectives and exhibit integrity, leadership, security domain expertise, strong technical acumen, sound business judgement, creativity, entrepreneurial spirit, and exceptional communication skills, all while keeping security and business objectives front and center.
Position Location:
Chicago or New Hartford
Reports To:
Vice President of GRC
What We’re Looking For:
Entrees (Requirements):
Ability to build collaborative relationships with diverse stakeholders across the whole company
Effective communicator who can coordinate, escalate, provide feedback, and ask for help
Capable of efficiently supporting the GRC team's workflow
Continuous learner, innovator, and collaborator who thrives on helping people achieve more than they thought possible – together, we win as a team!
Bachelor’s degree in a business or technology-related major and a current industry certification, such as CISSP, CIPP, CCSP, CISM, etc.
3-5 years of hands-on GRC or technology experience in one or more domains, such as cybersecurity, data privacy, IT audit, or compliance
Significant experience working with audit principles, methodologies, and standards
Experience working independently, prioritizing tasks, and managing multiple initiatives simultaneously
Thorough knowledge of common regulations, laws, and control frameworks, such as SOX ITGCs, GDPR, CCPA, SOC 2, PCI, CIS, ISO 27001, etc.
With a side of (additional skills):
Experience working in a (SaaS) technology company
Working knowledge of Agile Scrum, SDLC, DevOps
M&A experience
Successfully working in a remote-first environment
Unleash your potential: What you will be doing and owning:
The GRC Analyst and the GRC team are primarily responsible for GRC capabilities, including unified cybersecurity, data privacy & trust framework oversight, third-party risk management, customer assessment & inquiry response, trust center development & maintenance, and related inquiry resolution.
While being a key resource for the entire company, the GRC Analyst should be a subject matter expert who partners closely with IT, Legal, Internal Audit, and the Product & Technology teams in delivering against the company’s overall cybersecurity, privacy & trust program.
Support the GRC team vision and strategy aligned with PAR's business objectives, and oversee the implementation and management of the cybersecurity, privacy & trust program aligned with industry best practices and compliance requirements
In partnership with the IT, Legal, Internal Audit, and the Product & Technology team, prioritize the most valuable outcomes for the business aligned with the applicable risk-based control frameworks (e.g., CIS, SOC, PCI, CCPA/GDPR)
Serve as a strong team member on the GRC team to be business focused, deeply technical, highly motivated, and productive, fostering a culture of continuous improvement and professional development
Assist in the governance of GRC operations to ensure the Company meets all required compliance standards and regulations through governing policies, implementing the appropriate control framework(s), conducting applicable risk and control assessments, and staying up-to-date on applicable compliance requirements
Work with stakeholders to develop action plans, remediation strategies, and corrective actions to address identified issues while tracking and managing audit findings, deficiencies, and remediation activities to ensure timely resolution and closure, escalating as needed
Assess and deploy GRC tools in furtherance of the GRC program
Objectively communicate progress toward defined goals and outcomes by assisting in the development of appropriate KPIs/KRIs and related reports appropriate for senior leadership
Interview Process:
Interview #1: Phone Screen with Talent Acquisition Team
Interview #2: Video interview with the Hiring Manager (via MS Teams)
Interview #3: Video interview with the Team (via MS Teams)
Perks and Benefits Hot Off the Grill:
Unlimited PTO (Exempt Employees)
3+ weeks/year of Vacation/PTO (Non-exempt Employees)
Healthcare Benefits
Fitness/Wellness Reimbursement ($400/year)
Internet Stipend (Remote employees)
Employee Stock Purchase Program
401k Match
PAR is proud to provide equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. We also provide reasonable accommodations to individuals with disabilities in accordance with applicable laws. If you require reasonable accommodation to complete a job application, pre-employment testing, a job interview or to otherwise participate in the hiring process, or for your role at PAR, please contact accommodations@partech.com. If you’d like more information about your EEO rights as an applicant, please visit the US Department of Labor's website.
Tags: Agile Audits CCPA CCSP CIPP CISM CISSP Cloud Compliance DevOps GDPR Governance ISO 27001 KPIs Privacy Risk management SaaS Scrum SDLC SOC SOX Strategy
Perks/benefits: 401(k) matching Career development Equity / stock options Fitness / gym Home office stipend Startup environment Unlimited paid time off Wellness