AppleOne technical staffing company
Security GRC Analyst
100% Remote anywhere in the United States
Contract 6-12+ months
Key Job Responsibilities
Policy Exception Program
• Manage day-to-day operations of policy exception lifecycle, including intake, triage, risk rating, approvals, and ongoing monitoring.
• Ensure requests are complete, accurate, and include high-quality data from requesters.
• Apply a deep understanding of security risk ratings in alignment with internal guidelines and business context.
• Partner with the Program Lead to track and report on operational metrics.
Security Risk Assessment & Control Testing
• Conduct control testing with a focus on cybersecurity risks, including documentation of testing steps, results, and remediation tracking.
• Collaborate with control owners for walkthroughs and validation of control design and operating effectiveness.
• Demonstrate a strong foundation in cybersecurity concepts, controls, and risk management principles to perform well-informed assessments.
Miscellaneous
• Support maintenance of GRC documentation, procedures, and control language updates.
• Assist in routine operational housekeeping and process improvement initiatives.
Qualifications
• Bachelor’s degree or relevant certification in Cybersecurity or a related field, or equivalent industry experience.
• Strong familiarity with cybersecurity standards and GRC frameworks (e.g., ISO 27001, NIST CSF, PCI DSS).
• Proven ability to collaborate effectively with stakeholders through clear, concise verbal and written communication.
• Hands-on experience with GRC tools such as LogicGate, JIRA, or similar platforms.
• Demonstrated ability to deliver high-quality work in a fast-paced, dynamic, and sometimes ambiguous environment.
• Experience in program or operations management, with the ability to handle a high volume of requests end-to-end.
Years of Experience:
• Minimum 4+ years as a GRC Specialist, Security Auditor, or Security Analyst.