Lead Technical GRC Analyst – Governance

Role Overview

• Manage the organization’s security governance program, including participating in Cyber-led projects and programs to design and develop cyber governance processes.
• Demonstrated experience supporting and operating complex, enterprise-scale IT platforms with a wide and varied customer base, where reliability, security, and governance are mission critical.
• Serve as a trusted technical and governance resource for core Enterprise IT platforms, with the capability to provide practical support to ensure security, resilience, and consistency across large-scale, business‑critical tools.
• Maintaining an effective feedback loop with business partners – seeking and integrating business area feedback into cyber governance processes.
• Contribute to overall program enhancements and drive automation with various IT and Cybersecurity stakeholders.
• Participate in development, review, and implementation of security policies, standards, procedures, and guidelines in alignment with industry frameworks (e.g., ISO 27001, NIST, CIS).
• Serve as point of contact for internal audits, certifications, and compliance initiatives related to policy and governance.
• Actively consult with stakeholders throughout the development lifecycle of small projects and large-scale programs to help establish, refine, and validate governance processes.
• Conduct technical assessments of configurations to ensure security effectiveness.
• Monitor regulatory changes and emerging risks to ensure policies remain compliant and adaptive to future threats.
• Use advanced technologies—e.g., robotic process automation and AI/machine learning—to improve operation.
• Provide hands-on technical control review to support guidance of enterprise configurations of tools like M365, Slack, Microsoft Defender for Cloud, etc.
• Design and develop GRC metrics including KPIs and KRIs.

Requirements

• 4+ years of experience in information security, governance, risk, or compliance roles.
• Strong and proven communication (both verbal and written) and customer engagement skills with experience in briefing corporate executives and professionals.
• Familiarity with industry standards and frameworks (e.g., NIST CSF, ISO 27001, CIS Benchmarks, SOC 2).
• Ability to read and interpret technical documentation and translate it into governance mandates.
• Strong analytical and communication skills with the ability to translate complex security concepts into business language.
• Experience performing system integration, system management, and configuring native controls in modern enterprise IT tooling.
• Experience working with technical teams to implement and validate secure configurations.
• Comfortable working in fast-paced, ambiguous, or evolving environments with a solution-oriented mindset.
• Ability to balance governance rigor with creativity and adaptability in a business-centric approach.
• Bachelor’s Degree in an IT related field and/or equivalent work experience.

Tech Stack

• Cloud
• Cyber Security
• RPA

Benefits

• medical, dental and vision insurance
• 401(k)
• paid leave
• tuition reimbursement
• a variety of other discounts and perks