Skip to content
PrizePicksPrizePicksAtlanta, GA

Senior GRC Analyst

Senior GRC Analyst responsible for managing security policies, third-party risk assessments, audit coordination (SOC 2, PCI), compliance mapping, and risk registries. Requires 5+ years in GRC or IT audit, experience with major frameworks, and strong cross-functional collaboration skills.

110k – 120k
Remote5+ YOEOther

About the role

What you’ll do

Policy Lifecycle Management:

  • Own the ongoing review and maintenance of organizational security policies, standards, and procedures.
  • Assist in identifying policy gaps based on evolving regulatory requirements, business needs, and industry best practices.

Compliance Program Support:

  • Serve as a primary cross-functional coordinator with other dedicated compliance teams (e.g., Legal, Regulatory Affairs, Internal Audit) to design and maintain a unified, strategic governance roadmap.
  • Ensure all corporate compliance activities are aligned, documented, and consistently executed across the enterprise.

Third-Party Risk Management (TPRM):

  • Lead security risk assessments for new and renewing third-party vendors as part of the procurement lifecycle.
  • Track remediation items and collaborate with stakeholders to address identified risks.

Audit & Certification Coordination:

  • Coordinate and support the organization's annual security audits and certifications (e.g., SOC 2, PCI, CIS).
  • Coordinate evidence collection, track action items, communicate with stakeholders, and assist with audit readiness activities.
  • Lead cross-functional coordination with internal SMEs to support evidence collection, reviewing appropriateness, tracking action items, and ensuring timely submission.
  • Act as a secondary liaison with external auditors.
  • Serve as a subject matter resource in interpreting and mapping security controls to operational processes and supporting evidence.

Security Training Program:

  • Assist with the administration and continuous improvement of the company’s security awareness and training program, including tracking completion metrics and updating training content as needed.

Regulatory & Compliance Support:

  • Work in close partnership with Legal and Regulatory teams to interpret new and changing compliance requirements.
  • Provide security insight to ensure corporate practices and technology align with legal and regulatory mandates.

Governance and Process Improvement:

  • Proactively identify and drive improvements to the efficiency, consistency, and scalability of GRC processes and documentation.
  • Contribute to initiatives that enhance operational maturity and reduce organizational risk.
  • Assist with the administration, maintenance, and continuous improvement of the organization’s GRC platform and related workflows.

Risk & Issue Management Support:

  • Maintain and help evolve risk and issues registries, tracking exceptions, risk owners, update timelines, and supporting broader risk management initiatives across Security and IT functions.

What you have

  • 5+ years of experience in Governance, Risk, and Compliance (GRC), Information Security, IT Audit, or related fields.
  • Experience independently managing audits, compliance initiatives, or governance programs with limited supervision.
  • Experience working with security and compliance frameworks such as SOC 2, ISO 27001, SOX 404, PCI-DSS, NIST, GDPR, CIS or similar standards.
  • Familiarity with audit processes including evidence gathering/review, remediation tracking, and auditor coordination.
  • Experience maintaining or developing security policies, standards, and procedures.
  • Hands-on experience conducting Third-Party Risk Management (TPRM) assessments, including vendor security reviews, questionnaire evaluations, risk analysis, remediation tracking, and ongoing monitoring.
  • Experience identifying, documenting, tracking, and communicating security and compliance risks to technical and non-technical stakeholders, including supporting risk remediation and exception management processes.
  • Experience working with GRC platforms and tooling to manage compliance activities, risk registers, policy lifecycle management, audit evidence collection, and workflow automation.
  • Experience interpreting and mapping security and compliance controls to operational processes and evidence requirements.
  • Familiarity with the impact of Governance, Risk, and Compliance (GRC) on the Secure Software Development Life Cycle (SSDLC) and IT operations.
  • Experience supporting privacy and data protection compliance initiatives, including CCPA, consumer privacy regulations, and broader PII/data handling protection requirements.
  • Strong written and verbal communication skills with the ability to collaborate across technical and non-technical teams.
  • Strong organizational skills and ability to manage multiple priorities effectively.
  • Strong project management experience.

What makes you stand out

  • Industry certifications such as CISSP, CISM, CISA, CRISC, Security+, or similar.
  • Experience working in high-growth technology or regulated environments.
  • Familiarity with GRC tooling such as Vanta, Drata, Archer, OneTrust, or ServiceNow GRC.
  • Experience supporting PCI-DSS, privacy, or state regulatory compliance initiatives.
  • Exposure to security awareness platforms and vendor risk management tooling.
  • Experience helping mature or scale governance and compliance programs.

Compensation

The typical salary range for this position is $110,000 to $120,000.

Skills

GRCSOC 2ISO 27001Sox 404Pci-DssNistGDPRCisTprmGrc PlatformsCisspCismCisaCriscVanta

Similar roles

Datadog

Senior Payroll Specialist

DatadogNew York, NY

Support US semi-monthly payroll processing for 3000+ employees in Workday, including new hires, terminations, equity transactions, audits, and government inquiries. Requires 3+ years multi-state payroll experience, familiarity with Workday or ADP, and knowledge of relevant legislation.

110k – 150k
Hybrid3+ YOEOther
CodePath

Senior Manager of AI Enablement

CodePathUnited States

Senior Manager of AI Enablement embeds with teams at CodePath to audit workflows, rapidly build and productionize LLM-powered agents and automations using Claude and other tools, coach teams to AI self-sufficiency, and drive measurable operational impact. Requires 5+ years automation/ops experience with recent hands-on LLM work, systems thinking, and ability to work with non-technical stakeholders.

110k – 150k
Remote5+ YOEOther
Chime

Senior Analyst, Financial Crimes & Identity Quality

ChimeChicago, IL

Senior Analyst performing and leading quality assurance reviews of Financial Crimes and Identity investigations (AML, fraud, KYC/CDD, EDD). Evaluates accuracy, coaches teams, identifies trends, and drives process improvements in a high-volume banking compliance environment. Requires 4+ years in fraud/AML/KYC plus QA experience.

112k – 155k
On-site4+ YOEOther
Underdog Fantasy

Senior Creative Ops Project Manager

Underdog FantasyUnited States

Manages end-to-end creative operations for campaigns, video productions, and one-off assets in a fast-paced sports tech environment. Implements AI tools for workflows, copy drafting, and feedback while maintaining project tracking in Monday.com.

112k – 140k
RemoteOther
Twilio

Sr. Global Event Manager, Event Content Strategy and Production

TwilioUnited States

Lead event content strategy, agenda architecture, speaker experience, and production readiness for Twilio's flagship events including SIGNAL and SKO. Translate business priorities into cohesive, high-quality event experiences.

106k – 141k
Remote7+ YOEOther