Information Security (GRC) Analyst

San Jose, CA, US • Posted 1 day ago • Updated 1 day ago
Contract W2
12 Months
No Travel Required
On-site
$80 - $90/hr

Job Details

Skills

  • GRC
  • Governance
  • Risk
  • Compliance
  • NIST
  • ISO 27001
  • SOX
  • CISSP
  • Information Security

Summary

Information Security Governance, Risk, and Compliance (GRC) Analyst
Reporting to the Director Information Security, Governance, Risk, and Compliance, the GRC analyst will contribute to the development and operational execution of the program, including risk management and compliance with standards and regulations such as ISO 27001, ISO 42001, EU GDPR, and the EU AI Act, and to transforming the program through intelligent automation, AI agents, and data-driven solutions.
 
Responsibilities:
• Support the GRC operating model and the service-oriented customer engagement model.
• Support GRC capabilities, such as enterprise security risk management, compliance and audit management, policy management, security awareness training, third party risk management, and metrics and reporting.
• Assist in managing security compliance programs and activities that support various compliance regulations.
• Perform risk assessments that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
• Collaborate with various operational and business teams to complete assessments and drive remediation items to closure. Maintain accurate reporting of remediation activities to bring appropriate visibility to stakeholders and leadership.
• Monitor the security risk profiles and events of our suppliers to objectively determine high risk suppliers that require additional review and treatment plans.
• Design, build, and deploy AI-powered solutions (including agents) to scale GRC processes, including but not limited to security questionnaires, risk assessments, evidence collection, and control testing.
• Develop automated workflows and pipelines using APIs, scripting, or low-code platforms
• Apply LLMs/NLP to analyze policies, audit findings, and regulatory requirements
• Extract insights from large GRC datasets to build and maintain AI-driven risk scoring and prioritization models.
• Partner with security, engineering, and data teams to productionize AI use cases.
• Ensure secure, compliant, and governed use of AI aligned with ISO 42001 and EU AI Act.
• Establish and maintain security metrics and reporting, including automating KRI/KPI generation and reporting pipelines; deliver real-time visibility into security risk posture that aligns with operational/business risk areas and corporate risk.
• Measure and report efficiency gains from automation (time saved, coverage increased, etc.)
• Respond to customer security/compliance questionnaires.
• Act as security risk management "ambassador" to internal customers.
 
Accountable for:
• The use of defined risk methodologies and best practices to perform IT/Security assessments. Responsible for the planning, scoping, tracking, and execution of these assessments.
• Driving remediation activities from identification through remediation plan and closure. Hold owners accountable for delivery of the remediation solution within the agreed-upon/reasonable SLA.
• Operations and improvements of security audit and compliance programs to support various compliance regulations.
• Own the AI/automation roadmap for GRC processes
• Delivery of measurable efficiency improvements (e.g., % reduction in manual effort)
• Deployment of production-grade AI/automation solutions
• Automation of metrics and reporting to continually report on meaningful security, risk and compliance metrics for operational and executive management.
 
Qualifications:
• Candidate must have 5 years of experience working in governance, risk and compliance and/or information security and risk management.
• Functional knowledge of some CISSP security domains and information security industry standards and best practices.
• Functional knowledge of applicable security regulatory requirements (SOX, GDPR, AI Act).
• Functional knowledge of ISMS governance models (i.e. ISO 27001, NIST, CAIQ), information security roles, security controls.
• Functional knowledge of common security certifications (i.e. ISO 27001, ISO 42001, SOC1, SOC2) and ability to glean significance from findings identified in these reports.
• Ability to communicate risk methodologies and concepts to business units and IT teams.
• Demonstrated experience with controls definition, development, implementation and assessment.
• Hands-on experience building or customizing AI/automation solutions, including LLM-based workflows, agents, or copilots, API integrations, scripting (e.g., Python), or low-code platforms.
• Ability to translate GRC use cases into scalable automation solutions.
• Understanding of AI risks, controls, and governance frameworks (ISO 42001, AI Act).
• Strong interpersonal skills and ability to work effectively with diverse and distributed teams.
• Strong attention to detail, project management and organizational skills.
• Self-starter with the ability to effectively manage independent workloads asynchronously with stakeholders across multiple time zones.
  • Dice Id: 90989446
  • Position Id: SU_GRCAnalyst
Contact the job poster
Sivaganeshan Unnikrishnan

Amiseq Inc. Recruiter @ Amiseq Inc.