Senior Information Security GRC Analyst

Manage Branch's Information Security Program and GRC processes.

• •Branch is seeking an experienced Security Governance, Risk, and Compliance (GRC) professional to join their team.
• •This position will work in all aspects of GRC, requiring broad knowledge across multiple frameworks and policy lifecycle management.
• •Key Responsibilities Manage and maintain the Branch Information Security Program and associated processes.
• •Perform control mapping to align internal controls with regulatory and compliance frameworks.
• •Conduct gap analysis and manage risk/vulnerability assessments and audits.
• •Manage the Branch’s Drata GRC platform, ensuring data accuracy and audit evidence collection.
• •Collaborate with stakeholders to integrate security practices into daily operations.
• •Requirements Broad knowledge across multiple GRC frameworks (PCI, SOC 2, ISO 27001, NIST CSF, CCPA).
• •Experience implementing new frameworks and integrating into existing audit cycles.
• •Experience managing the end-to-end third-party vendor management lifecycle.