GRC Compliance Analyst

Title: GRC Compliance Analyst Location: Remote (USA) Duration: 12 Months (Only W2) Job Description: • The Compliance Analyst is charged with assisting in the identification, assessment, measurement, monitoring, and reporting of risk. • This Compliance Analyst’s primary function will involve supporting the ongoing activities required by Apptio with our Australian Information Security Registered Assessors Program (IRAP), US federal (FedRAMP and DoD), or other SaaS environments. • In addition, this role may be called on to support or lead corporate operations and IT compliance audits and assessments (including international Frameworks), vendor and partner risk assessments, or support customer assurance efforts to address questions from customers as needs and interests require. • The Compliance Analyst will also perform compliance advisory functions with various portions of the business. • The ideal candidate will deeply understand current assessment frameworks, technologies, and processes while being continuously on the lookout for innovative and flexible ways to automate or improve processes that support a fast-paced, secure, and empowered environment. What You’ll Do: • This role covers audit, compliance, vendor risk, and customer assurance functions in the context of security and privacy within our Australian IRAP, US FedRAMP or other program such as: • Assisting with internal and external audits and assessments including control assessment, monitoring, and reporting including collection and organization of evidence; • Working with various internal teams or external parties to define and prioritize remediation efforts, tracking remediation activities, and inspecting/validating solutions that have been implemented; • Performing other duties within the scope of governance, risk, and compliance as needed. What You’ll Need: • 3+ years of working experience on different compliance frameworks, including Australian Signals Directorate, Australian IRAP, US FedRAMP, NIST, US DoD Cloud Computing Security Requirements Guide (SRG), CMMC, and other emerging standards. • Experience in program or project management, auditing, and/or control framework development and implementation. • Fundamental technical understanding of key technologies such as Windows, Linux, and Apple operating systems, networks, application development, databases, virtualization, and cloud infrastructure; and Excellent communication skills to work across teams within Apptio successfully. Bonus Points: • Prior writing of system security plans (SSPs) or authorization documentation for federal platforms. Check Point Threat Extraction secured this document Get Original • Ability to think strategically about risks and tie those risks to tactical organizational activities. • Experience with a cloud environment and the Apptio products or services. • Open to learning and working on new domains and technology Remote About the Company: Lorven Technologies Apply tot his job