Security and Privacy Compliance Analyst

Job Summary

A company is looking for a GRC Analyst to help safeguard organizational and customer data.

Key Responsibilities

• Lead the management and scaling of core security compliance frameworks, including SOC 2 Type II and ISO 27001
• Govern global data privacy operations to ensure compliance with GDPR, CCPA/CPRA, and other data protection laws
• Manage the internal audit program and oversee the third-party vendor risk lifecycle to identify and mitigate vulnerabilities

Required Qualifications

• 3+ years of experience in IT Audit, Information Security, Privacy Operations, or GRC, preferably in a B2B SaaS or FinTech environment
• Hands-on experience with compliance frameworks such as SOC 2 and ISO 27001, and knowledge of global privacy legislation
• Understanding of cloud computing architectures (AWS, Azure, GCP) and familiarity with ERP systems is a plus
• Bachelor's degree in Information Systems, Cybersecurity, Business, or a related field
• Relevant industry certifications such as CISA, CISM, CIPP/E, CIPP/US, or Security+ are preferred