Senior Information Security GRC Analyst at OneTrust

OneTrust is seeking a Senior Information Security GRC Analyst to join their InfoSec GRC team. The successful candidate will contribute to governance, risk, and compliance activities.

Role involves:

• Leading and managing audits such as PCI DSS, SOC2, ISO27001, ISO270017, HITRUST and TISAX.
• Developing and maintaining GRC policies, procedures and documentation.
• Conducting risk assessments and identifying potential security risks.
• Collaborating with internal teams to implement and monitor security controls.
• Preparing and presenting audit findings and recommendations to senior management.

Requirements:

• Bachelor's degree in Information Security, Computer Science, or a related field.
• Minimum of 5 years of experience in information security, with a focus on GRC initiatives.
• In-depth knowledge of NIST CSF, PCI, SOC2, ISO27001, ISO27701, ISO27017, HITRUST, and TISAX frameworks.
• Past experience having managed audits end-to-end.
• Relevant certifications such as CISSP, CISM, CISA, or CRISC are preferred.

OneTrust offers:

• Flexible PTO
• Equity stock options
• Annual performance bonus opportunities
• Retirement account support
• Career development opportunities
• Company-paid privacy certification exam fees