Sr Security Analyst â GRC (SOC 2 Compliance)
Sr Security Analyst â GRC (SOC 2 Compliance)
Posted on :
23-08-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
JOB TITLE:Sr Security Analyst GRC (SOC 2 Compliance)
LOCATION:Santiago DR
MODALITY: Remote
SCHEDULE: Mon - Fri 09:00 AM - 06:00 PM
GENERAL DESCRIPTION OR PURPOSE OF JOB:
The Senior Security Analyst GRC (SOC 2 Compliance) will play a critical role in ensuring Jostens compliance withAICPA SOC 2Trust Services Criteriaand other frameworks.The ideal candidate is a detail-oriented professional with a strong background in IT compliance risk management and internal controls.
RESPONSIBILITIES / ESSENTIAL FUNCTIONS:
SOC 2 Compliance:
- Lead and manage SOC 2 readiness planning assessments and audits..
- Conduct internal assessments to identify and mitigate risks related to SOC 2 compliance.
- Collaborate with internal teams and external auditors to ensure the timely completion of SOC 2 audits
- Monitor and validate the implementation of controls remediation activities and compliance with Trust Service Criteria.
- Maintain documentation and evidence required for SOC 2 compliance.
- Prepare reports and presentations on SOC 2 compliance status.
Providing training and awareness programs for internal stakeholders on SOC 2 compliance.
While the primary role is SOC 2 compliance the candidate will be asked to cross train and back up other GRC activities.
Additional Duties and Responsibilities:
- Jostens Information Security Program: Assist in the development maintenance and communication of policies standards and procedures.
- Risk Assessment: Assess risk and coordinate document and validate evidence to meet Jostens cybersecurity and risk requirements. Ensure appropriate treatment of risk.
- Audit/Assessments: Facilitate audits and assessments of IT programs and individual components to determine compliance with published standards (e.g. SOX ISO27000 PCI etc.).
- Vendor Management: Assist in Third-Party Risk Management as needed
- Training: Develop plan coordinate deliver and/or evaluate training courses.
- Metrics: Regularly report security metrics proposing improvement as needed.
- Privacy: Coordinate with legal and IT teams on privacy requests.
- Incident response: ensure proper documentation and post-incident analysis.
Required:
Education:
- Bachelors degree in Business or Accounting Information Security Information Management Systems Cybersecurity or other applicable area or related work experience.
Experience:
- Minimum 5 years in IT Information Security IT Audit or related role
- Hands-on experience with SOC2 and other risk management frameworks
- Experience with GRC/ third party management tools (e.g. Archer OneTrust ZenGRC Etc.)
- Strong understanding and working knowledge of compliance frameworks including SOC 2 Trust Service Criteria
Professional Skills and Knowledge:
- Excellent analytical and problem-solving skills
- Strong written and verbal communication skills
- Ability to work with technical and non-technical teams
- Ability to collaborate with cross-functional teams and external partners.
- Attention to detail with experience prioritizing and managing multiple projects with competing priorities.
- Certification applicable to a role in Information Security Governance Risk and Compliance (e.g. CISSP CISA CISM CRISC CRMA) is preferred.
Required Experience:
Senior IC
Employment Type
Full Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
