Associate Risk Analyst

US Based Remote

Degreed, Inc. logo
Degreed, Inc.
Apply now Apply later

Posted 4 weeks ago

Degreed is the upskilling platform that connects learning to opportunities. We integrate everything people use to learn and build their careers—skill insights, LMSs, courses, videos, articles, and projects—and match everyone to growth opportunities that fit their unique skills, roles, and goals.
We are seeking an enthusiastic, responsive and organized individual contributor with an interest in growing their career in audit, compliance and information security to help support the Security-GRC team within a young and rapidly growing organization.
Do you love the challenge of diving into the details and learning why and how things work? Do you want to learn to see the big picture, and find ways to collect and organize data to tell the story? Do you suffer from a compulsive need to document things and “get it down on paper”? 
Being a member of the Security-GRC team is an excellent opportunity for an independent individual contributor to have a hand in elevating audit and compliance as business and sales enablers, as well as promoting a deeper understanding of risk management and process improvement throughout the business.
This role will communicate regularly with cross-functional teams inside the company, and occasionally external consultants and auditors. Success in this role is tied to maintaining a positive impact on those relationships. Our ideal candidate takes an extremely pragmatic approach to audit and compliance, functions as part of a growing team, and is able to balance the needs of a very dynamic culture with that of protecting the company and customer data.
This job is remote, U.S. based and open nationwide, however, semi-frequent travel (<10%) will be necessary for a remote worker.

RESPONSIBILITIES

  • Represent the Company’s culture, tone, and spirit of partnership with both our internal and external partners as a key function of day-to-day work.
  • Manage a queue of incoming client security assessment requests and vendor Third-Party Risk Assessments
  • Work closely with Info Security, Sales Enablement and other teams to prioritize and complete client assessments in a timely manner
  • Work closely with finance and other business representatives on vendor/sub-processor security and risk assessments
  • Perform vendor risk evaluations and author risk assessment summaries
  • Participate in internal and external audits by collecting, organization and documenting information
  • Contribute to our enterprise policy and controls library
  • Track recurring compliance tasks to ensure deadlines are not missed
  • Other duties as assigned

REQUIREMENTS

  • 2+ years prior work experience in information security risk, vendor management, project management, audit and/or compliance efforts
  • Proven skills at organizing complex work efforts and tracking details that may vary on a week by week basis
  • Demonstrated ability to adapt to and recommend adjustments to workflows and processes
  • Proven communication skills and ability to understand the value and drivers behind adjusting style and tone to the audience
  • Experience with collecting data with consistency and basic experience developing reporting or metrics to assess and report program performance using data analysis tools - Excel, Google Sheets, or a comparable tool
  • Experience in project management concepts and project management tools - Jira, Confluence, Asana, SmartSheet, or other comparable tools
  • Strong independent motivation, high comfort level with written communication, use of chat tools, and asynchronous communication skills.
  • Exposure to AICPA TSP/SOC, SOX, ISO, Cloud Security Alliance/STAR program, FedRAMP, or other industry and regulatory frameworks
  • The ability to partner with and effectively communicate with technical and non-technical employees, security, engineering, and management staff
  • Ability to complete and hold any background checks or security clearances needed
  • Confident in the ability to say "I don't know, but I will find out!" with a strong desire to learn
  • Drawn to team collaboration with a desire to dig into problems, answer questions, and assist colleagues both within the Security-GRC team and across the company
  • Empathetic of those you support and focused on consulting and collaboration to find creative solutions to difficult problems
  • Very comfortable working under ambiguous situations, with a natural drive to bring clarity using critical thinking, communication and the independent research of existing documentation and resources
  • Ability to function as a business to technology translator and help bridge the business view of compliance and risk management to technical engineering and operations staff and vice versa
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
See Degreed Jobs for more details on Degreed and why you should come work with us! 
Job tags: Compliance Cross-functional Data Analysis Excel Jira Project Management Research Risk management Security
Job region(s): North America
Share this job: