Information Security GRC Analyst

Remote

Applications have closed

TrackVia

TrackVia is a no-code business app platform built for citizen developers to track, manage, and automate everything that matters.

About Us:

TrackVia offers the most-trusted app building platform for anyone looking for a better way to work. TrackVia gives businesspeople and IT experts the ability to easily build and integrate apps to track, manage, and automate processes in days, not weeks. Our customers make lasting and substantial improvements to their business using TrackVia’s bullet-proof cloud-based technology — and they love getting the industry’s best customer experience every step of the way.

We are looking for an enthusiastic Information Security GRC Analyst to “organize all the security things!” – frameworks, policies, standards, controls, and audit artifacts.

As the GRC Analyst, you are the organizing force across all aspects of TrackVia’s security program.  You ensure alignment and compliance with regulatory requirements and control frameworks such as HIPAA, AICPA SOC, ISO 27001, and FedRAMP.  To TrackVia, you provide clarity, drive accountability, and push for continuous improvement.  To our customers, you build trust.

The Information Security GRC Analyst reports to the Director, Information Security.  The position is fully remote with occasional travel to corporate HQ in Denver, CO.

Responsibilities

  • GRC Operations 
    • Develop a solid foundation in Information Security GRC concepts and processes
    • Manage the selection, implementation, and operation of GRC tools
    • Automate the collection of control test and internal audit data with low-code tools
    • Drive continuous improvement of the InfoSec GRC program
    • Other GRC related duties as needed
  • Governance Support
    • Manage the annual review process for policies, procedures, and standards
    • Develop and manage a security policy exception process
    • Develop and maintain Information Security and GRC metrics
    • Support the Information Security Management Committee (ISMC) as needed
  • Risk Management Support
    • Coordinate risk management processes
    • Maintain the Risk Register
    • Manage the control test and reporting process
    • Develop and maintain risk management metrics, reports, and dashboards
    • Support control enhancement and/or gap remediation projects
  • Compliance Support
    • Develop an understanding of FedRAMP, HIPAA, and SOC audit requirements and testing procedures
    • Manage internal audit processes
    • Coordinate internal resources in support of external/3PAO audits
    • Manage Corrective Action Plans and/or POA&Ms
  • Sales Support
    • Respond to customer security questionnaires and inquiries about our Information Security and Privacy programs
    • Collaborate on customer-facing security and privacy compliance materials

Requirements

  • Cloud security:  You have a strong conceptual understanding of security controls at the system, network, and application levels and how these are applied in cloud architectures.  You have experience supporting SaaS environments built on AWS.  
  • Compliance:  You have experience with control standards and frameworks such as FedRAMP, HIPAA, NIST 800-53, SOC 2, or ISO 27001. You have participated in various forms of internal controls review, testing, or internal audit.
  • Cross-functional Collaboration: You succeed best by helping the team accomplish shared goals.  You develop a shared understanding of risk; security and compliance requirements; and the business processes necessary to meet our privacy and security commitments.
  • Leadership:  You understand that all roles have an element of leadership.  You have a history of helping to develop a common vision and goals for the team.  You lead by influence, relationship building, and example.
  • Organization Skills:  You are great at arranging and organizing things to understand relationships and dependencies.  You enable efficient management of requirements, tasks, projects, and entire programs.
  • Project Management:  You have experience leading projects with resources across multiple teams and time zones.  You are comfortable flexing your role as a project team member, coordinator, or manager depending on project requirements and available resources.
  • Education:  You have a bachelor’s degree in Computer Information Systems, Information Assurance, or a related field.  You have relevant security or risk certifications, e.g., CISA, CISM, CISSP, CRISC, etc.

Differentiators

  • Experience automating manual processes and workflows.
  • Experience with GRC tools.
  • Experience in customer-facing roles.
  • Experience as a Security Analyst, Systems Administrator, or other technical role.
  • Python skills are a strong differentiator.

Salary & Benefits

  • The salary range for this position is $80,000 to $100,000
  • We cover 100% of employee medical, dental, and vision benefits
  • We understand you have a life outside of work and have an unlimited, flexible time-off policy
  • We provide competitive paid parental leave for all new parents after 6 months
  • We made Built in Colorado’s Best Small Companies to Work For list, Denver Business Journal’s Largest Denver-area Tech Employers list, and Outside Magazine’s 50 Best Places to Work list
  • You will have the opportunity to challenge yourself and have a high degree of responsibility and impact
  • Your daily tasks will change often and give you many opportunities to grow your professional and technical skillset and advance your career

Education & Training

  • Hands-on low-code application development training via TrackVia University.
  • Sponsorship for Project Management Institute’s (PMI) Citizen Developer certification program.
  • Security and/or compliance certification and continuing education assistance.

Not exactly a seasoned InfoSec GRC specialist? Not a problem. If you’re highly organized, passionate about information security, process oriented, and most importantly, a people person, come grow with us!

Work location within the United States is flexible if approved by TrackVia, except that the position may not be performed remotely from the state of California. Candidates must be eligible to work in the United States.

Applicants with disabilities may contact Human Resources via telephone or e-mail and arrange for accommodations with the application process. Please contact us at hr@trackvia.com or (720) 625-3415.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. TrackVia EEO Policy Statement.

Tags: AWS CISSP Cloud Compliance Cross-functional Customer-facing HIPAA HR Human Resources InfoSec NIST Project management Python Relationship-building Risk management SaaS Security SOC 2 Training

Perks/benefits: Career development Competitive pay Flex vacation Health care Medical leave Parental leave Unlimited paid time off

Region: Worldwide/Anywhere
Categories: Data Jobs Security Jobs
