GRC Analyst

Mercury
Summary
Join Mercury as a GRC Analyst and play a crucial role in enhancing the organization's security posture and business resilience. Collaborate with the engineering team to define and improve security, applying your deep understanding of GRC principles to engineering initiatives. You will implement, monitor, and maintain security frameworks, focusing on regulatory compliance standards. Automate security controls to mitigate risks and strengthen overall security. Conduct gap analyses on various frameworks and create comprehensive plans to address identified shortcomings. This role requires strong problem-solving skills and a solid understanding of security practices and cloud services. Mercury offers a competitive total rewards package including base salary, equity, and benefits.
Requirements
- Familiarity with standard security frameworks, including NIST, PCI-DSS, CIS, ISO, etc
- Strong problem-solving and analytical skills, with the ability to remain composed in high-stress situations
- Fundamental understanding of accepted security practices, including troubleshooting, identifying attack vectors, and providing customer support
- Knowledge and understanding of cloud services, with a 100% cloud-native approach
- Utilize a range of tools and technologies, including but not limited to: AWS Config, Audit Manager, Orca, GitHub, Vanta, GRC (Governance, Risk, and Compliance) tools
Responsibilities
- Collaborate with the engineering team to define and enhance the organization's security posture
- Apply a deep understanding of Governance, Risk, and Compliance (GRC) principles to engineering initiatives
- Work closely with engineering to improve the reliability and security of the business
- Implement, monitor, and maintain various security frameworks, with a focus on regulatory compliance standards (e.g., NIST, PCI, CIS)
- Automate security controls to minimize risks and enhance overall security resilience
- In this role, you will be a tech-savvy professional who excels in communicating governance, risk, and compliance requirements for various technologies
- Your immediate responsibilities will include conducting a gap analysis on various frameworks
- You will create a comprehensive plan to address and close these gaps, engaging relevant stakeholders throughout the process
Benefits
- The total rewards package at Mercury includes base salary, equity (stock options), and benefits
- Our salary and equity ranges are highly competitive within the SaaS and fintech industry and are updated regularly using the most reliable compensation survey data for our industry