Sr InfoSec GRC Analyst

Job Description The Senior InfoSec GRC Analyst is tasked with developing, implementing, communicating, and maintaining technology policies, standards, and procedures that align with industry standards and regulatory requirements. This role ensures that technology processes comply with regulations, effectively manage risks, and establish robust governance practices. Additionally, the analyst develops and implements controls, monitors compliance, and supports risk management activities. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: Skills and Requirements u2022 6+ years in Cybersecurity GRC, policy development, or risk management u2022 Experience with GRC tools (Archer, ServiceNow, OneTrust) u2022 Familiarity with regulatory frameworks (NIST, FFIEC, GLBA, NYDFS, SOX, PCI-DSS) u2022 Strong documentation and policy writing skills u2022 Bachelor's in InfoSec, IT, or related field u2022 Certifications: CISM and/or CISA preferred u2022 Proficiency in Excel, Power BI Strong understanding of risk management and compliance auditing u2022 Experience supporting internal/external audits u2022 Ability to simplify complex technical concepts for non-technical stakeholders u2022 Experience in financial services or mortgage industry Familiarity with benchmarking and continuous improvement practices

Created: 2025-10-20