Welcome page

GRC Analyst

Job Locations US-TN-Nashville
ID
2025-6293
Category
Technology
Position Type
Regular Full-Time
Work From Home
No

About HireRight

HireRight is the premier global background screening and workforce solutions provider. We bring clarity and confidence to vetting and hiring decisions through integrated, tailored solutions, driving a higher standard of accuracy in everything we do. Combining in-house talent, personalized services, and proprietary technology, we ensure the best candidate experience possible. PBSA accredited and based in Nashville, TN, we offer expertise from our regional centers across 200 countries and territories in The Americas, Europe, Asia, and the Middle East. Our commitment to get it right every time, everywhere, makes us the trusted partner of businesses and organizations worldwide

Overview

This role reports to the Senior Director, Governance Risk & Compliance and will assist in the management of all aspects of corporate compliance and risk management, third-party vendor management, and operational monitoring to ensure that the organization's Information Security policies and procedures are implemented and well documented, and that compliance issues are identified and remediation plans formalized in a timely fashion. Additionally, incumbents will perform internal reviews and develop risk management strategies to avoid non-compliance.

Responsibilities

  • Independently evaluates and analyzes issues or recommendations for improvements in processes to mitigate risks and bring programs and operations into compliance with the goals and objectives of the Corporate Compliance Program and communicates results to management and other key stakeholders.
  • Takes a lead role in the development and execution of internal Information Security risk identification and assessment program. This includes: risk assessments, internal project security reviews, coordination of risk treatment activities, and communication of assessment results.
  • Serve as company representative with clients and partners, responding to security questionnaires and managing audits
  • Continually reviews and improves the risk assessment methodology, process, and procedures.
  • Assists in developing and administering ongoing IT compliance monitoring and governance activities.
  • Advises internal business clients on the effectiveness of corrective action plans in the event of non-compliance or detected vulnerabilities in their environment.
  • Contributes to various project requests from functional teams to increase operational efficiency, strengthen IT environment, and help meet the company's internal and external regulatory or compliance requirements.
  • Performs ad-hoc compliance requests or additional duties as assigned

Qualifications

  • BS, BA in Information Technology, Computer Science or other related Business/Technology/Analytical studies *CISSP, CISA, CISM, CRISC, CPP(ASIS), ISO 27001 Lead Auditor, or similar certification
  • Prior experience conducting internal risk assessment workshops and providing guidance to functional teams with the implementation, monitoring, and reporting of appropriate risk treatment measures to drive conformity with policies and procedures, and establish effective internal controls processes

Extensive information security regulatory compliance experience: ISO 27001, PCI DSS, SOC 2, EI3PA, HIPPA, or similar

Experience interpreting industry and regulatory requirements and authoring supporting controls.

Experience performing third party assurance assessments; AuditBoard experience for risk assessments and compliance management a plus

Excellent client relationship and customer service skills, with a clear client focus

Strong project management skills

High degree of independence and exceptional work ethic with a team player attitude and a solution oriented mind

Familiarity with core IT and Information Security Technologies

Exceptional interpersonal, written and oral communication skills

 

 

Has knowledge of technical discipline and work processes.

Provides investigative, analytic or diagnostic services that affect a wide range of the unit’s activities and suggests improvements.

Has good understanding of roles of the relevant functional groups within own area.

Requires extensive training and experience to resolve a wide range of issues.

What do we offer

HireRight offers its employees a competitive salary, permanent contract and a comprehensive package of benefits. From day one you will receive a training plan to get you on board quickly. Additionally, we offer:

HireRight offers a competitive benefit package which includes:

  • Medical
  • Dental
  • Vision
  • Paid Life/AD&D Insurance
  • Voluntary Life Insurance
  • Short & Long Term Disability
  • Flexible Spending Accounts
  • 401K
  • Generous Vacation and Sick Program
  • 10 Paid Holidays
  • Education Assistance Program
  • Business Casual Attire
  • Generous Referral Program
  • Employee Discounts and Rewards
  • And much more!
  • All resumes are held in confidence. Only candidates whose profiles closely match requirements will be contacted during this search.


Please submit resume/CV in English. Please be informed that the company does not provide a visa sponsorship.

All resumes are held in confidence. Only candidates whose profiles closely match requirements will be contacted during this search.

HireRight does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of HireRight and HireRight will not be obligated to pay a placement fee.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed