Senior GRC Analyst
- Demandbase
- No fixed duration
- Remote
- 3 months ago
- Email to a friend
- Report this job
Job Description
We are looking for an enthusiastic IT intern to join our team, providing technical support and contributing to key IT functions. This role will provide hands-on experience across various IT areas, including end-user support, asset management, and systems maintenance, allowing you to gain valuable skills in a real-world environment.
About the Role:
Demandbase is seeking a motivated and detail-oriented Senior GRC Analyst to support its global Governance, Risk, and Compliance program. Reporting to the Senior Director of GRC, you ll collaborate cross-functionally to help strengthen our compliance framework, support audits, perform risk assessments, track remediation efforts, and ensure alignment with key standards like ISO 27001, ISO 42001, ISO 27701, and SOC 2. This role offers the opportunity to work on global compliance initiatives and drive compliance and risk maturity across the business.
What you ll be doing:
- Execute walkthroughs and tests of operating effectiveness over controls in Demandbase, IT applications, and infrastructure, in support of internal and external security audits.
- Review and help mitigate internal and external risk.
- Assist in IT audits and report on findings, track status, and ensure corrective actions are complete, sustainable and documented.
- Improve our security and privacy culture through promoting education and awareness across the organization.
- Review and improve the data life cycle (data inventory, governance, retention).
- Review and edit customer- and public-facing communications about privacy and security programs.
- Assist in operationalizing Business Continuity, Disaster Recovery, and Incident Response exercises
- Assist in AI Governance, Third Party Risk, and Security Reviews
What we re looking for:
- Demonstrated ability of 5+ years in Information Security, GRC, ERM, compliance, audit, internal controls, AI governance, or other security related areas. (Experience in cloud-based tech company is preferred)
- Understanding of general IT and cloud security controls, such as Information Security, Business Continuity, Disaster Recovery, Third Party Risk /Vendor Management, Software Development, Hardware and Software.
- Familiarity with global industry frameworks like ISO 27001, ISO 27701, SOC 2, ISO 42001, NIST CSF, NIST 800-53, and RMF.
- Detail oriented with excellent verbal and written communication skills.
- Ability to work with both business and technical areas and translate requirements between the two areas to address control deficiencies.
- Excellent interpersonal and organizational skills with an ability to coordinate with internal stakeholders and external auditors.
- Familiarity with managing GRC tools (e.g. Metricstream, Hyperproof, Vanta) and dashboards to monitor compliance posture
- Ability to adapt in a dynamic environment and manage multiple priorities effectively; Flexibility is essential and startup experience is a plus.
- Experience in project management including managing complex projects at an enterprise level
- Self-motivated and responsible individual who will represent the company with the highest level of integrity and professionalism.
- BS or MS in Computer Science, Information Systems, Engineering, or Similar.
- Bonus: Certifications such as CISSP, CRISC, CISA, CIPP are highly desirable, but not required.
Job Classification
Industry: Advertising & MarketingFunctional Area / Department: IT & Information SecurityRole Category: IT SecurityRole: Security AuditorEmployement Type: Full timeContact Details:
Company: DemandbaseLocation(s): REMOTE+ View Contact
Keyskills: SAN Cisa Senior Analyst Project management Information security SOC Disaster recovery ISO 27001 Asset management Technical support
Fraud Alert to job seekers!
₹ Unpaid
Similar positions
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in