Remote - GRC Analyst

We’re looking for talented professionals, anywhere in the United States, to join us in bringing smart money management and payment solutions to everyone’s fingertips.

At Green Dot, we are evolving to a new and permanent “Work from Anywhere” model designed to maximize the benefits of remote work, promote and enable a strong culture of performance and connectedness, and attract the best and brightest talent who align with our entrepreneurial spirit and mission.

<<>><<>><<>><<>><<>><<>><<>><<>><<>><<>> 

JOB DESCRIPTION

GRC (InfoSec Governance, Risk, and Compliance) Analyst

Job Summary 
The GRC Analyst supports the risk identification and management process across all aspects of Information Security. Responsibilities include assessing the current adequacy of the security strategy, threats to networks, systems and applications, and calculating the impact of potential adverse events. Serve as liaison for audit and assessment initiatives.

Job Responsibilities 

• Maintain familiarity with a broad regulatory landscape impacting business and IT areas. Remain current with emerging regulatory sentiments as well as solution trends in the marketplace. Understand the impact of laws and regulations on company systems and technology.

• Recommend and implement changes in security policies, standards and/or procedures as needed. 

• Collaborate with the appropriate stakeholders to establish and maintain a system for assessing compliance with security and privacy policies.

• Map control requirements across information security frameworks to identify overlapping requirements and compliance efficiencies. 

• Review third parties by way of security due diligence

• Facilitate and support execution of external assessments relative to data security (SOC 1, SOC 2, PCI, etc.)

• Maintain information security risk management methodologies, definitions and processes; aligned with those from Enterprise Risk Management. Report on key risk indicators (KRIs) and key performance indicators (KPIs). 

• Continuously evaluate network and system security, data vulnerabilities, business continuity and compliance risks. 

Job Requirements 

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems or equivalent field required.

• 2-5 years experience in Information Security GRC, Risk Management, Information Technology or equivalent. 

• Experience with information security, control standards, and frameworks such as PCI DSS, ISO27001 and/or NIST CSF and 800-53 preferred. 

• Certified Information Systems Auditor (CISA) and/or Certified in Risk and Information Systems Control (CRISC) strongly preferred. Other certifications such as Certified Information Security Manager (CISM), Project Management Professional (PMP), or Certified Information Systems Security Professional (CISSP) desired. 

• Knowledge of Financial Service industry regulations, risk management methodologies, operations or auditing is highly desired. 

• Ability to present issues and recommendations in a manner that will be understood and accepted by all responsible parties.

• Strong Excel and SharePoint skills are highly desired.

• Familiarity with GRC and problem management tools highly desired (RSA Archer, Jira, Confluence, LogicGate, ServiceNow, etc.)

• Experience performing Third-Party Risk Reviews, Due Diligence, and Contract Advisory support for InfoSec activities is highly desired.

• Experience with calculating cyber risk using industry risk methodologies (e.g. FAIR) is desired.

POSITION TYPE

PAY RANGE

The targeted base salary for this position is $84,500 to $126,000 per year. The final compensation will be determined by a number of factors such as qualifications, expertise, and the candidate’s geographical location.

<<>><<>><<>><<>><<>><<>><<>><<>><<>><<>>

Green Dot promotes diversity and provides equal opportunity for all applicants and employees. We are dedicated to building a company that represents a variety of backgrounds, perspectives, and skills. We believe that the more inclusive we are, the better our work (and work environment) will be for everyone. Additionally, Green Dot provides reasonable accommodations for candidates on request and respects applicants' privacy rights.