Infosec GRC Analyst
Strength in Trust
Our goal at OneTrust is to bring the power of trust to companies all over the world. Using cutting-edge technology and a real-world approach to ethics, compliance, privacy, security, and third-party risk, we’ve created a no-nonsense platform to help supercharge the global push for trust.
The Challenge
We are a company born in the cloud and utilize 100% cloud-based technologies to support our customers, and we are looking for an individual who can help mature our GRC program in this fast-growing environment. We are seeking an Analyst to join our InfoSec GRC team. This individual will help execute the GRC vision and support the governance and compliance function.
This role will support IT and InfoSec by performing various governance, risk, and compliance activities as part of the OneTrust InfoSec GRC team. In addition, this role will collaborate GRC team members to update policies, standards, and procedure documents. In addition, this individual will assist with client audits, assist with RFPs/RFQs and internal audits, and manage the issues and risk acceptance process.
This position is based in office in Atlanta, GA reporting to the Director of GRC in the IT and Information Security departments.
Your Mission
- Execute compliance and continuous assurance processes, including following up on remediation status and provide compliance metrics
- Collaborate with IT, InfoSec, and within the GRC team and assist with maturing our compliance process and program
- Assist with the company’s risk and control self-assessment, audit management, security risk assessment, and third-party assessment processes
- Work closely with team lead to execute risk assessments of third-party vendors
You Are
- Value Driven: You are detail oriented with an eye for quality
- Self-Starter: You are proactive and motivated to learn
- An Innovator: Possess the ability to seek alternatives and recommend best solutions
- A Relationship Builder: Strong ability to listen, build rapport, and nurture credibility as a strategic partner both vertically and horizontally
Your Experience Includes
Bachelor's degree in technical or business field
- 1+ years in IT security, risk management, compliance, and auditing required
- General understanding of applicable laws and regulations, including but not limited to: GDPR, CCPA, PCI-DSS, SOC 2, ISO, and FedRAMP
- Experience reviewing controls, including control testing and developing remediation plans and/or strategies
- Experience reviewing SOC 2 reports or other independent audit reports
- General understanding of technology domains including governance, risk management, security, privacy, and information technology, vendor risk management, and business continuity
Extra Awesome
- Master's degree in technical or business field
- Consulting and/or international experience
- Certifications: Security+, CISSP, CISM, CCSP, CISA, Azure
Our Commitment to You
When you join OneTrust you are stepping onto a launching pad — the countdown has begun. The destination? A career without boundaries working alongside a diverse and inclusive crew who is passionate about doing meaningful work. As a pioneer, your voice and expertise will help chart the direction of an entirely new industry — Trust. Our commitment to putting people first starts with you. Your growth is part of the mission. Our goal is to give you the power to embark on the next phase of your uniquely, unique career
OneTrust provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
#LI-AL1