Sr. Security Analyst, GRC

About the position DAT is looking for a Sr. Security Analyst, GRC to join our security team. This position can be based in our Denver, CO office. The Sr. Security Analyst, GRC will play a key role in helping to plan, organize, and manage governance, risk, and compliance efforts in alignment with the company’s overall security and data privacy programs. You will also work to perform risk assessments on current internal systems, as well as assess the security controls of current and proposed vendors in alignment with DAT’s security policies and standards. Responsibilities • Own and lead internal and external audit engagements, including evidence collection, control testing, and remediation follow-up, ensuring continual compliance across multiple business units. • Drive risk management activities , including risk identification, assessment, tracking, and reporting, to inform leadership and strengthen the enterprise risk posture. • Lead Business Impact Assessments (BIA) and collaborate with stakeholders to align critical processes with recovery objectives. • Oversee Disaster Recovery (DR) and Business Continuity Planning (BCP) activities , including tabletop exercises, plan maintenance, and validation of recovery strategies. • Partner with business and technology leaders to mature governance, risk, and compliance processes, streamline reporting, and reduce recurring issues. • Provide mentorship and guidance to junior analysts across GRC domains, fostering a culture of compliance and risk awareness. Requirements • Team Player with strong communication, organizational, and relationship management skills. • Self-motivated, with keen attention to detail and excellent judgment skills. • Strong knowledge of security frameworks and regulations (e.g., NIST CSF, ISO 27001, SOX, PCI-DSS, HIPAA). • Demonstrated ability to own audit engagements end-to-end, from planning through evidence submission and remediation follow-up. • Strong stakeholder management skills with the ability to communicate clearly at both technical and executive levels. • Experience leading cross-functional initiatives to improve compliance posture or remediate findings. • Excellent organizational and project management skills, with attention to detail and deadlines. • Ability to write and present articulated documentation and processes. • Knowledge of hybrid IT systems, networking, co-locations, and cloud environments. • S. degree in cybersecurity, computer science, information technology or 1+ years IT work experience in the area of Governance, Risk and Compliance. • Proven experience (5+ years) in IT audit, compliance, or security control assessment within a regulated industry. Nice-to-haves • Professional certification preferred (e.g., CISA, CISSP, CISM, or equivalent). Benefits • Medical, Dental, Vision, Life, and AD&D insurance • Parental Leave • Up to 20 days of paid time off starting in year one • An additional 10 holidays of paid time off per calendar year • 401k matching (immediately vested) • Employee Stock Purchase Plan • Short- and Long-term disability sick leave • Flexible Spending Accounts • Health Savings Accounts • Employee Assistance Program • Additional programs - Employee Referral, Internal Recognition, and Wellness • Free TriMet transit pass (Beaverton Office) • Competitive salary and benefits package • Work on impactful projects in a cutting-edge environment • Collaborative and supportive team culture • Opportunity to make a real difference in the trucking industry • Employee Resource Groups Apply tot his job