Skip to content


Durham, NC Full Time Posted: Friday, 18 October 2019
The Senior Analyst, IT GRC works within the Information Security Office to help with development and management of the GRC Program. In particular, this position is responsible for generating and coordinating responses to security questionnaires and vendor assessments performed by our external customers and regulators. The position will also support third party vendor assessments completed by the IT GRC team, as well as any internal or external audits and coordination of any requests for information resultant from those engagements.


Support and manage the process for coordinating responses to customer and regulatory inquiries related to information security and IT, including questionnaires, requests for information, and similar.

Support and manage external IT-related attestation engagements, including SOX, SSAE18/SOC, HIPAA, PCI or similar; as well as others where required.

Develop and maintain strong business and technology relationships.

Liase with other internal regulatory subject matter experts such as Legal, Privacy, Internal Audit, and others as needed to ensure alignment with regulatory requirements.

Complete vendor risk assessments for technology vendors, including scoring and reporting of risks;

Communicate effectively across multiple levels.

License/Certification/Education: Normally requires a B.S. Degree in Computer Science w/7+ years of experience.

At least 2-5 years in Information Security, IT Audit/Governance/Risk/Compliance, or similar role.

Understanding and experience with requirements in regulated IT environments.

Proven project management and organizational skills, specifically managing multiple, concurrent projects.

Experience and exposure to customer- and regulator-facing engagements, including audits, responses to questionnaires.

Demonstrated leadership skills with ability to communicate effectively and collaborate strongly within a virtual team.

Excellent conceptual and critical thinking skills and sound judgment, with strategic

orientation and ability to perform tactically, as required.

Bachelor's degree in business/technology or related field strongly preferred.

Strong preference for candidates with certifications completed or in process for one of the following: CISSP, CISA, CISM, CRISC, CIPP, or comparable.

Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled

Durham, NC, United States of America
Click apply
10/18/2019 5:09:45 PM

We strongly recommend that you should never provide your bank account details to an advertiser during the job application process. Should you receive a request of this nature please contact support giving the advertiser's name and job reference.