Strata Decision Technology

Senior GRC Associate

Posted 10 Hours Ago

Easy Apply

Be an Early Applicant

Chicago, IL

Hybrid

Senior level

Fintech • Healthtech • Information Technology • Professional Services • Software • Analytics • Consulting

We empower organizations to fuel their missions.

The Role

The Senior GRC Associate will enhance Strata’s cybersecurity compliance program, manage certifications, and ensure alignment with established security frameworks. Responsibilities include risk assessments, internal audits, and policy documentation oversight, while collaborating with various departments to meet compliance standards.

Summary Generated by Built In

How you’ll make an impact:
The Senior Governance, Risk, and Compliance (GRC) Associate will operate with a high degree of autonomy within Strata’s Information Technology team, proactively engaging in aspects of governance, risk, and compliance. This self-driven role collaborates across departments to ensure that Strata meets industry regulations, client requirements, and best practices. As a subject matter expert, the Senior GRC Associate is well-versed in certifications and regulatory standards such as state privacy laws, HIPAA, ISO 27001, ISO 22301, and SOC.

GRC Program Activities

Drive the maturation of a best-in-class cybersecurity compliance assurance program, focusing on continuous monitoring of controls, timely identification and remediation of control gaps, and implementing efficiencies that enhance compliance efforts across various products.
Lead the annual recertification process for Strata’s HITRUST certification. Validate scope is still relevant and develop the roadmap of how new services and functionality will be incorporated into the certification scope.
Participate in the assessments and improvements of our control framework, ensuring alignment with established security frameworks such as ISO 27001, SOC 2, and HITRUST.
Ensure all program policies, procedures, and documentation are reviewed for accuracy and relevance by key stakeholders and update these documents as new regulations and requirements are made available.

GRC Operations

Work closely with members of business development and IT leadership, complete third-party risk management assessments under the request of Strata’s customers.
Complete necessary third-party vendor risk management activities based on Strata standards and best practices.
Conduct internal audits to verify that internal controls are functioning as intended and effectively mitigate risk.
Engage in Disaster Recovery, Business Continuity, and Security Event exercises to assess and refine policies and processes in response to disruptions.
Recognize challenges in the audit process, propose solutions, and collaborate to implement approved enhancements.

What we’re looking for:

Minimum 5+ years of experience with a concentration in IT Governance, Risk, and Compliance
Experience achieving and maintaining HITRUST certification
Experience with SOC Controls
Excellent communication skills including the ability to communicate technical issues to users with little technical background/expertise
Self-motivated, proactive and able to manage multiple priorities
Mastered knowledge in:
- Microsoft office suite
- Technical writing
- Internal/External auditing
Preferred qualifications: CCSFP, CRISC, CISA

How we work:
The preferred location for this role is in Chicago, IL or St. Louis, MO. We value our people spending time together and have campuses hosting in-person events located in both cities. We are truly a hybrid environment with all team members experiencing the flexibility to work from home.

Thinking about applying?
Research shows that women and underrepresented groups tend to apply to jobs only when they check every box on a job posting. If you’re currently reading this and hesitating to click “Apply” for that reason, we encourage you to go for it! A true passion and excitement for making an impact is just as important as work experience.
Should you require a reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please reach out to [email protected].

Here @ Strata…
Our culture is driven by our people solving problems together. We embrace learning, collaboration, and continuous career growth. Together, we lift our customers, our products, our company, and our community.

We believe that each of our team member’s unique perspectives and experiences is what drives innovation and positive change. Our individual differences are what make us a more forward-thinking organization. We foster a culture of inclusion, equity and belonging, regardless of race, religion, disability, sex, sexual orientation, gender identity or national origin.
Our Core Values:
While we celebrate what makes each member of our team unique, our core values are what connect us. They set clear expectations for how we approach our work and how each of us can positively influence the experience of our team and our customers.

We connect with positive intent.
We are helpful.
We own it.
We get better every day.
We are humble.

Strata is committed to fair and equitable compensation practices. Full-time roles are eligible for an annual bonus based on both individual and company performance. Find out more about Strata benefits here.

Top Skills

Compliance

Governance

Hitrust

Iso 22301

Iso 27001

Risk

Soc

What the Team is Saying

View all jobs at Strata Decision Technology

View Strata Decision Technology Profile

Report Job

The Company

HQ: Chicago, IL

775 Employees

Hybrid Workplace

Year Founded: 1996

What We Do

Strata provides financial software, data, and insights to drive decisions and performance.

Why Work With Us

We are working to solve uniquely challenging financial problems in healthcare, higher education and financial institutions. We embrace learning, collaboration, and continuous career growth. We believe that each of our team member’s unique perspectives and experiences is what drives innovation and positive change.