Remote GRC Analyst

closed
Swing Development

πŸ“Remote - Poland

Job highlights

Summary

Join us as an experienced GRC Analyst to ensure compliance with federal and state regulations, as well as industry best practices. You'll train staff on regulatory requirements, support investigations into compliance issues, and recommend improvements to internal procedures.

Requirements

  • Have a minimum of 2-3 years of experience in a GRC role in a 100% cloud environment
  • Have strong knowledge of regulatory requirements and industry standard frameworks - SOX or SOC 2
  • Have experience in auditing and applying control processes to networks and applications
  • Have experience developing corporate security policies, standards, and procedures
  • Have experience with security and risk management
  • Understand cloud environments (GCP, AWS, Azure)
  • Have a great command of English (written & spoken)

Responsibilities

  • Monitor and ensure compliance: Oversee adherence to regulations and certifications such as Sarbanes-Oxley (SOX), SOC2, ISO27001, CCPA, NIST, and NYCRR 500
  • Prepare and support audits: Assist in internal and external audits by gathering and organizing evidence to demonstrate compliance. Document process flow diagrams, user stories, and business analyses
  • Conduct risk assessments: Identify and analyze potential risks to the organization, evaluate their likelihood and impact, and manage third-party risks
  • Collaborate: Act as an intermediary between business owners, system vendors, and the GRC/Cybersecurity team. Work with different teams to develop and enhance compliance procedures. Provide training and guidance on compliance and risk management best practices
  • Develop and implement controls and programs: Create policies and procedures to mitigate identified risks. Ensure these controls are effectively implemented and maintained. Review new technology implementations for security compliance. Create and manage education and awareness programs
  • Create reports and presentations: Communicate findings and recommendations to stakeholders. Prepare detailed reports on risk assessments, compliance status, and audit results. Define security metrics, reporting mechanisms, and create maturity models and a roadmap for continual program improvements

Benefits

  • Form of employment of your choosing
  • Remote work & flexible working hours
  • Paid sick leave
  • Paid holidays
  • Private medical care with dentists & orthodontists package for you and your family
  • Group life insurance
  • Psychotherapists support - free online sessions with psychologists and psychotherapists
  • Home physiotherapy
  • Multisport card & meditation apps reimbursed 50%
  • Gear with Apple Logo and monitor
  • 50% reimbursement for courses, conferences, books & certificates
  • Free access to private language lessons
  • 6 Personal Development Days & 4 Voluntary Days Off
This job is filled or no longer available