Senior GRC Analyst

Fitch Group’s Information Security Governance, Risk, and Compliance (GRC) function is seeking a Senior GRC Analyst for our New York or Chicago office.

The Information Security GRC function provides a framework for managing security risks across Fitch’s technology estate, enabling both regulated and non-regulated business units to operate securely.

The successful candidate will play a critical role in supporting our SOC 2 assessments and other security engagements, ensuring our organization's compliance with industry standards and enhancing our overall security posture.

What We Offer:

1. Opportunity to work in a high-visibility role within a leading global financial information services company.
2. Exposure to a collaborative team environment with a focus on continuous learning and development.
3. Competitive benefits package and opportunities for career advancement.
4. Chance to contribute to meaningful projects that impact the organization’s security posture.

We’ll Count on You To:

1. Conduct and manage SOC 2 assessments, including planning, execution, and reporting.
2. Collaborate with internal teams to develop and maintain security controls aligning with regulatory requirements and organizational security posture.
3. Prepare and coordinate documentation for audits and regulatory engagements.
4. Identify and recommend enhancements for existing security controls to mitigate risks.
5. Provide guidance to internal stakeholders on compliance with various frameworks.

What You Need to Have:

1. Minimum of 3-5 years of experience in a GRC or similar role within an information security context, ideally within a regulated environment.
2. Strong understanding of SOC2 Trust Services Criteria.
3. Familiarity with regulatory frameworks such as SOX, Dodd-Frank, and DORA.
4. Excellent communication and interpersonal skills.
5. Relevant certifications such as CISA, CISM, or CISSP.

What Would Make You Stand Out:

1. Familiarity with NIST CSF or ISO27001.
2. Critical thinking ability with strong analytical and problem-solving skills.
3. Ability to work independently and as part of a team.
4. Experience with Atlassian suite (particularly Jira), SharePoint, MetricStream, and strong Excel.

Why Fitch?

At Fitch Group, the combined power of our global perspectives is what differentiates us. Our global network of colleagues comes together to accomplish things greater than they ever could alone.

Every team member is essential to our business and each perspective is critical to our success. We embrace a diverse culture that encourages a free exchange of ideas, guaranteeing your voice will be heard and your work will have an impact, regardless of seniority.

We are building incredible things at Fitch and we invite you to join us on our journey.

Fitch Group is a global leader in financial information services with operations in more than 30 countries. Wholly owned by the Hearst Corporation, we are comprised of three main businesses: Fitch Ratings | Fitch Solutions | Fitch Learning.

Fitch Group is proud to be an Equal Opportunity and Affirmative Action Employer. We evaluate qualified applicants without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, disability, protected veteran status, and other statuses protected by law.