Information Security GRC Analyst
TrackVia offers the most-trusted app building platform for anyone looking for a better way to work. TrackVia gives businesspeople and IT experts the ability to easily build and integrate apps to track, manage, and automate processes in days, not weeks. Our customers make lasting and substantial improvements to their business using TrackVia’s bullet-proof cloud-based technology — and they love getting the industry’s best customer experience every step of the way.
We are looking for an enthusiastic Information Security GRC Analyst to “organize all the security things!” – frameworks, policies, standards, controls, and audit artifacts.
As the GRC Analyst, you are the organizing force across all aspects of TrackVia’s security program. You ensure alignment and compliance with regulatory requirements and control frameworks such as HIPAA, AICPA SOC, ISO 27001, and FedRAMP. To TrackVia, you provide clarity, drive accountability, and push for continuous improvement. To our customers, you build trust.
The Information Security GRC Analyst reports to the Director, Information Security. The position is fully remote with occasional travel to corporate HQ in Denver, CO.
- GRC Operations
  - Develop a solid foundation in Information Security GRC concepts and processes
  - Manage the selection, implementation, and operation of GRC tools
  - Automate the collection of control test and internal audit data with low-code tools
  - Drive continuous improvement of the InfoSec GRC program
  - Other GRC-related duties as needed
- Governance Support
  - Manage the annual review process for policies, procedures, and standards
  - Develop and manage a security policy exception process
  - Develop and maintain Information Security and GRC metrics
  - Support the Information Security Management Committee (ISMC) as needed
- Risk Management Support
  - Coordinate risk management processes
  - Maintain the Risk Register
  - Manage the control test and reporting process
  - Develop and maintain risk management metrics, reports, and dashboards
  - Support control enhancement and/or gap remediation projects
- Compliance Support
  - Develop an understanding of FedRAMP, HIPAA, and SOC audit requirements and testing procedures
  - Manage internal audit processes
  - Coordinate internal resources in support of external/3PAO audits
  - Manage Corrective Action Plans and/or POA&Ms
- Sales Support
  - Respond to customer security questionnaires and inquiries about our Information Security and Privacy programs
  - Collaborate on customer-facing security and privacy compliance materials
- Cloud security: You have a strong conceptual understanding of security controls at the system, network, and application levels and how these are applied in cloud architectures. You have experience supporting SaaS environments built on AWS.
- Compliance: You have experience with control standards and frameworks such as FedRAMP, HIPAA, NIST 800-53, SOC 2, or ISO 27001. You have participated in various forms of internal controls review, testing, or internal audit.
- Cross-functional Collaboration: You succeed best by helping the team accomplish shared goals. You develop a shared understanding of risk, security, and compliance requirements, and of the business processes necessary to meet our privacy and security commitments.
- Leadership: You understand that all roles have an element of leadership. You have a history of helping to develop a common vision and goals for the team. You lead by influence, relationship building, and example.
- Organization Skills: You are great at arranging and organizing things to understand relationships and dependencies. You enable efficient management of requirements, tasks, projects, and entire programs.
- Project Management: You have experience leading projects with resources across multiple teams and time zones. You are comfortable flexing your role as a project team member, coordinator, or manager depending on project requirements and available resources.
- Education: You have a bachelor’s degree in Computer Information Systems, Information Assurance, or a related field. You have relevant security or risk certifications, e.g., CISA, CISM, CISSP, or CRISC.
- Experience automating manual processes and workflows.
- Experience with GRC tools.
- Experience in customer-facing roles.
- Experience as a Security Analyst, Systems Administrator, or other technical role.
- Python skills are a strong differentiator.
Salary & Benefits
- The salary range for this position is $80,000 to $100,000
- We cover 100% of employee medical, dental, and vision benefits
- We understand you have a life outside of work and have an unlimited, flexible time-off policy
- We provide competitive paid parental leave for all new parents after 6 months
- We made Built in Colorado’s Best Small Companies to Work For list, Denver Business Journal’s Largest Denver-area Tech Employers list, and Outside Magazine’s 50 Best Places to Work list
- You will have the opportunity to challenge yourself and have a high degree of responsibility and impact
- Your daily tasks will change often and give you many opportunities to grow your professional and technical skillset and advance your career
Education & Training
- Hands-on low-code application development training via TrackVia University.
- Sponsorship for Project Management Institute’s (PMI) Citizen Developer certification program.
- Security and/or compliance certification and continuing education assistance.
Not exactly a seasoned InfoSec GRC specialist? Not a problem. If you’re highly organized, passionate about information security, process oriented, and most importantly, a people person, come grow with us!
Work location within the United States is flexible if approved by TrackVia, except that the position may not be performed remotely from the state of California. Candidates must be eligible to work in the United States.
Applicants with disabilities may contact Human Resources via telephone or e-mail and arrange for accommodations with the application process. Please contact us at firstname.lastname@example.org or (720) 625-3415.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. TrackVia EEO Policy Statement.