Senior GRC Analyst

Garner

Completely RemoteFull TimeInformation Technology
Posted Today

Job description

Responsibilities

  • Manage and support compliance certifications including SOC 2, HITRUST, and ISO 27001 audits
  • Serve as the subject matter expert on compliance frameworks across the company
  • Act as the primary point of contact for external auditors and assessors
  • Manage the Security and Privacy trust center
  • Maintain the risk register and drive risk identification, scoring, and reporting
  • Manage the maintenance of compliance policies, standards, and procedures
  • Report on compliance posture to senior leadership
  • Scale the GRC function using AI and automation

Requirements

  • 5+ years of experience in GRC, IT audit, or information security compliance
  • Prior experience with HITRUST, SOC 2, and ISO 27001 audits
  • Hands-on experience with control design, evidence collection, and remediation in cloud-native environments
  • Ability to communicate effectively with engineers, operators, and executives
  • Experience using scripting and LLMs to automate repetitive tasks

Preferred Qualifications

  • Industry certifications such as CISA, CISM, CISSP, CRISC, or ISO 27001 Lead Auditor

About the Company

Garner is a fast-growing healthcare technology company reimagining how healthcare works in the U.S. by partnering with employers to redesign healthcare benefits using data-driven insights.

Skills & tools

GRCISO 27001SOC 2HITRUSTAWS

What the team is looking for

Use this list as a quick fit check before you apply.

  1. 015+ years GRC or IT audit experience
  2. 02Experience with HITRUST, SOC 2, and ISO 27001
  3. 03Cloud-native environment experience
  4. 04Scripting and LLM automation skills
ScoutJobsAd

Wake up to a shortlist, not a search results page.

ScoutJobs scores every new listing against your CV, salary floor and visa. A handful of real matches by morning.

Get your daily matches