Senior Analyst

Position: Senior Analyst, Security Governance Risk & Compliance

Location: Dublin, CA (4 days onsite in a week, hybrid)

The Senior Analyst, Security Governance Risk & Compliance will be responsible for supporting and enhancing the Security GRC program by identifying, assessing and managing risks while ensuring adherence to internal policies, industry standards and regulatory requirements. This role collaborates with business and technology teams to strengthen risk management practices, maintain security and compliance frameworks, and drive continuous improvement in overall security posture.

• Supports the development and on-going management of the Security Governance, Risk & Compliance program
• Develops and maintains security standards, process documentations and control objectives
• Develops and maintains security control mappings to relevant frameworks
• Matures and enhance the information security awareness and training program
• Performs and manages the Information Security, Information Technology and Third-Party risk assessments
• Develops and maintains risk and controls register and monitor risk treatment strategies and control effectiveness
• Monitor and escalate unresolved security issues, exposures, misuse, policy violations and other non-compliance situations to Security Leadership
• Provide continuous tracking and monitoring of Security Program metrics
• Work closely with First Line of Defense teams, to identify potential security weaknesses, define potential impact and develop effective mitigation strategies
• Collaborating with Internal Audit and Compliance teams for security and technology audit-related activities
• Monitor industry regulatory environment for impact on security programs and changes to security compliance standards
• Performs other duties as may be assigned