Job Title: Security GRC Analyst (Contract) – Fintech Focus
Location: Remote (U.S.) – Flexible shift, open to any time zone
Contract Duration: 6 months (with potential extension)
Industry Preference: Fintech, Tech, Banking
About the Role
We’re looking for an experienced Security GRC Analyst to support a leading fintech company with their policy exception management program and security control testing efforts. This is a hands-on role focused on risk assessment and cybersecurity controls, ensuring operational excellence in managing exceptions and validating security controls.
You will manage the full lifecycle of policy exception requests, apply risk ratings, coordinate approvals, and monitor exceptions through to resolution. Additionally, you’ll conduct detailed control testing around cybersecurity risks, collaborating with control owners to validate control design and effectiveness.
Key Responsibilities
- Manage day-to-day operations of the policy exception lifecycle, including intake, triage, risk rating, approvals, and ongoing monitoring
- Work closely with requestors to understand exception use cases and gather high-quality data
- Apply internal risk rating criteria to assess exception requests in the context of business impact
- Route requests for formal approvals based on risk level, liaising with managers and stakeholders as needed
- Maintain and track the exception queue until requests are fully resolved
- Partner with the Program Lead to track and report operational metrics
Security Risk Assessment & Control Testing
- Conduct control testing focused on cybersecurity risks, documenting testing procedures, results, and remediation status
- Collaborate with control owners through walkthroughs to validate control design and operational effectiveness
- Use strong cybersecurity knowledge to perform thorough risk-based assessments
Additional Support
- Maintain GRC documentation, update procedures, and control language as required
- Assist with routine operational housekeeping and process improvement initiatives
Qualifications
- Bachelor’s degree or relevant certification in Cybersecurity or a related field, or equivalent industry experience
- Minimum 4+ years’ experience as a GRC Specialist, Security Auditor, Security Analyst, or similar role
- Strong familiarity with cybersecurity standards and GRC frameworks such as ISO 27001, NIST CSF, PCI DSS
- Hands-on experience with GRC tools like LogicGate, JIRA, ServiceNow, or similar platforms (LogicGate experience a plus but not required)
- Proven ability to collaborate effectively with stakeholders through clear verbal and written communication
- Experience managing high volumes of requests end-to-end in a fast-paced, dynamic environment
- Knowledge of cybersecurity risk management, control testing, and documentation best practices
- Experience with automation of GRC processes is a plus but not required
Preferred Industries
- Fintech (highest preference)
- General Tech (Facebook, Amazon, Netflix, Google, Microsoft, etc.)
- Banking / Financial Services
What We Offer
- Fully remote work with flexible shifts
- Opportunity to work with a leading fintech company driving innovation in financial security
- Collaborative environment with potential contract extension
If you’re a cybersecurity professional with a strong background in GRC, control testing, and policy exception management, and want to make a tangible impact in fintech, we’d love to hear from you!
Apply today and join a team dedicated to securing the future of finance!
