GRC Security Analyst

Job Summary

As a full-time remote GRC Security Analyst, the successful candidate will ensure adherence to security standards and regulations within the mortgage lending and appraisal industry, conduct risk assessments, and coordinate internal and external audits while developing security policies and enhancing compliance efforts.

Key responsibilities

• Monitor and enforce compliance with security frameworks and industry regulations relevant to financial services
• Conduct comprehensive risk assessments to identify vulnerabilities and evaluate existing controls
• Lead preparation for security audits and develop remediation plans for identified security gaps

Required qualifications

• Minimum of 5 years of experience in GRC, security compliance, or risk management roles with a Bachelor's degree, or 3 years with a Master's degree
• Complete knowledge of relevant security frameworks (e.g., NIST CSF, SOC 2) and data privacy regulations (GLBA, GDPR, CCPA)
• Relevant industry certifications such as CISSP, CISM, CISA, or CRISC
• Strong analytical skills with the ability to independently assess complex security issues
• Familiarity with GRC technologies and risk assessment tools specific to the financial services industry