
Posted a day ago
Governance, Risk, and Compliance (GRC) Analyst
Fulcrum
Perks & benefits
Health InsuranceMedical InsurancePaid Leave
Requirements
Bachelor's degree in InfoSec, CS, or related field, 2+ years GRC experience, Experience with multiple compliance frameworks, Audit readiness and certification experience, Knowledge of NIST CSF or COBIT, Familiarity with GRC tools
Skills
GRCISO 27001risk management
About the role
Responsibilities
- Lead continuous compliance and operating effectiveness across SOC 1, SOC 2, ISO/IEC 27001, ISO/IEC 42001, and CSA Star Level 2 certification programs
- Prepare policy, procedures, and control design updates to ensure ongoing compliance
- Monitor regulatory changes and assess impact on policies and control activities
- Conduct risk assessments to identify, analyze, and prioritize organizational risks
- Develop and maintain risk registers and oversee risk treatment plans
- Collaborate with business units to integrate risk management into operational processes
- Track and report on key risk indicators (KRIs) and compliance metrics
- Ensure control activities are documented accurately and support remediation efforts
- Coordinate audit documentation, corrective action plans, and remediation activities
- Partner with IT, Legal, and Business Development teams to advance compliance initiatives
- Communicate compliance status, risks, and recommendations to senior leadership
Requirements
- Bachelor's degree in Information Security, Computer Science, Business Administration, Risk Management, or a related field
- Minimum 2 years of experience in governance, risk, and compliance roles
- Experience managing multiple compliance frameworks simultaneously
- Proven track record leading audit readiness and certification efforts
- Experience working with external auditors and certification bodies
- Strong understanding of information security principles and technologies
- In-depth knowledge of risk management methodologies like NIST CSF or COBIT
- Familiarity with GRC tools (Vanta experience is a plus)
- Understanding of cloud security and international privacy considerations
- Fluency in English
Preferred Qualifications
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Systems Security Professional (CISSP)
- Certified in Governance of Enterprise IT (CGEIT)
Benefits
- Competitive Health, Dental and Vision Insurance
- Pet Insurance
- 401k
- Flexible schedule
- Paid Holidays plus Paid Time Off
About the Company
Fulcrum operates at the intersection of technology and law, developing advanced solutions for legal professionals to reshape the legal landscape with groundbreaking technology.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeGovernance, Risk, and Compliance (GRC) Analyst
Fulcrum · Schaumburg
