Senior Information Security GRC Analyst

4 hours, 50 minutes ago
Full-time
Senior
Cybersecurity
Branch

Branch (branchapp.com) offers instant payment solutions for businesses, including contractor payouts, cashless tips, and earned wage access. They connect communities for social interactions and meet-ups, partnering with leading employers to empower wor...

Professional Services
51-250
Founded 2015
$633M raised

Description

  • Manage and maintain Branch’s Information Security Program, related security function programs, and internal controls.
  • Serve as an ambassador for the Information Security Program and security awareness across the company.
  • Map internal controls to regulatory and compliance frameworks such as PCI, SOC 2, ISO 27001, NIST CSF, and CCPA.
  • Conduct gap analyses, risk assessments, validation testing, compliance reviews, and audits.
  • Manage the Drata GRC platform, including automated evidence collection, framework and policy updates, control mapping, and Security Trust Center content.
  • Partner with Security, Engineering, Cloud Operations, Procurement, Legal, Risk, and other stakeholders to embed security practices into daily operations.
  • Write, update, and maintain security standards, policies, procedures, and documentation.
  • Manage third-party vendor risk through onboarding, due diligence, ongoing monitoring, and governance processes.
  • Support security training and awareness initiatives to strengthen the organization’s security culture.
  • Plan penetration tests and coordinate remediation efforts.

Requirements

  • 5-7 years of experience in a similar security GRC role.
  • 3+ years of experience conducting audits for SOC 2, PCI, or ISO 27001 and handling audit responses.
  • Experience with GRC tools and best practices, such as Drata, HyperProof, AuditBoard, or OneTrust.
  • Familiarity with security and compliance requirements for SOC 2, PCI, NIST CSF, ISO 27001, and CCPA.
  • Excellent oral and written communication skills for both employee and leadership audiences.
  • Strong organizational, process improvement, and project management skills.
  • Ability to create and maintain clear, concise, and accurate GRC documentation.
  • Solid ethics and discretion when handling confidential or sensitive information.
  • CISA or CISM certification, or currently working toward one.
  • Broad knowledge across multiple frameworks and policy/procedure lifecycle management is preferred.

Benefits

  • Base salary range of $155,000 to $165,000.
  • Remote-first role within the United States.
  • Market-leading medical, dental, and vision insurance.
  • Stock options.
  • Free Premium-Tier Origin Financial Wellness subscription.
  • Monthly home-office stipend.
  • 401(k) plan through TransAmerica.
  • 12 weeks of paid parental leave for birthing and non-birthing parents.
  • Flexible time off, sick time, and 11 paid company holidays.

