Senior InfoSec GRC Analyst
Senior InfoSec GRC Analyst
Posted on :
21-04-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Description
Position at loanDepot
Position Summary:
The Senior InfoSec GRC Analyst is responsible for driving the development implementation communication and maintenance of loanDepots technology policies standards and procedures that are aligned to industry standards and regulatory requirements. Ensures that loanDepot technology processes adheres to regulatory requirements manages risks effectively and establishes strong governance practices. Develops and implements controls monitors compliance and supports risk management activities.
Responsibilities:
- Leads the development and implementation of comprehensive cybersecurity and IT policies standards and guidelines.
- Continuously evaluates and updates cybersecurity and IT policies to ensure they remain current and effective.
- Ensures policies comply with relevant laws regulations and industry standards (e.g. NIST FFIEC GLBA NYDFS SOX and PCIDSS).
- Collaborates with teams working closely with IT legal compliance and other departments to gain a deep understanding of business needs to ensure cybersecurity policies align with business objectives.
- Transforms complex information and documentation into simple concepts that are easy to understand by the endusers.
- Offers specialized expertise and consultation to crossfunctional teams to perform frameworkoriented risk assessments identify deficiencies generate reports and recommends prioritized actionable solutions to mitigate risks and enhance loanDepots overall security posture.
- Stays informed about the latest cybersecurity threats trends and best practices. Ensures accurate and uptodate records of policy reviews risk assessments training activities and incident responses.
- Benchmarks the organizations policies against industry standards and best practices.
- Develops and implements governance frameworks for cybersecurity policy management.
- Monitors key performance indicators conducts gap analysis risk assessments and implements frameworks as needed. Tests and monitors effectiveness of controls.
- Establishes a feedback loop and analyzes metrics to continuously improve cybersecurity policies based on audit findings incident reviews and emerging threats.
- Actively leads and supports on internal and external audits and assessments of cybersecurity policies and practices.
- Accountable for ensuring identified audit and assessment findings and actions are tracked to closure.
- Maintains comprehensive documentation of all cybersecurity policies procedures and related activities. Communicates policy requirements and updates to all relevant stakeholders.
- Identifies opportunities for innovation and improvement in cybersecurity policy and practice. Proposes suitable mitigation strategies and verifies the effectiveness of remediation plans
Requirements:
- Bachelors Degree in Information Security Computer Science Information Technology or a related field preferred.
- Minimum of six 6 years experience working in Cybersecurity GRC policy development risk management or a similar field.
- Experience with GRC tools (e.g. Archer ServiceNow OneTrust).
- Proficiency in using data analysis and reporting tools (e.g. Excel Power BI).
- Relevant certifications such as CISM and/or CISA are highly desirable
- Demonstrates knowledge of adherence to monitoring and responsibility for compliance with state and federal regulations and laws as they pertain to this position.
- Knowledge of regulatory frameworks (NIST FFIEC GLBA NYDFS SOX and PCIDSS).
- Understanding of risk management concepts control frameworks and compliance auditing.
- Ability to provide consultation and recommendations to management.
- Ability to present inside and/or outside the organization; speaking before assigned team or other groups as needed.
Why work for #teamloanDepot:
- Aggressive compensation package based on experience and skill set.
- Inclusive diverse and collaborative culture where people from all backgrounds can thrive.
- Work with other passionate purposeful and customercentric people.
- Extensive internal growth and professional development opportunities including tuition reimbursement.
- Comprehensive benefits package including Medical/Dental/Vision.
- Wellness program to support both mental and physical health.
- Generous paid time off for both exempt and nonexempt positions.
About loanDepot:
loanDepot (NYSE: LDI) is a digital commerce company committed to serving its customers throughout the home ownership journey. Since its launch in 2010 loanDepot has revolutionized the mortgage industry with a digitalfirst approach that makes it easier faster and less stressful to purchase or refinance a home. Today as the nations second largest nonbank retail mortgage lender loanDepot enables customers to achieve the American dream of homeownership through a broad suite of lending and real estate services that simplify one of lifes most complex transactions. With headquarters in Southern California and offices nationwide loanDepot is committed to serving the communities in which its team lives and works through a variety of local regional and national philanthropic efforts.
Base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay for this role is between $100$125000 per year. Your base pay will depend on multiple individualized factors including your jobrelated knowledge/skills qualifications experience and market location.
We are an equal opportunity employer and value diversity in our company. We do not discriminate based on race religion color national origin gender sexual orientation age marital status veteran status or disability status.
Required Experience:
Senior IC
Employment Type
Full-Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
