What are the responsibilities and job description for the GRC Analyst position at HireRight?
About HireRight
HireRight is the premier global background screening and workforce solutions provider. We bring clarity and confidence to vetting and hiring decisions through integrated, tailored solutions, driving a higher standard of accuracy in everything we do. Combining in-house talent, personalized services, and proprietary technology, we ensure the best candidate experience possible. PBSA accredited and based in Nashville, TN, we offer expertise from our regional centers across 200 countries and territories in The Americas, Europe, Asia, and the Middle East. Our commitment to get it right every time, everywhere, makes us the trusted partner of businesses and organizations worldwide
Overview
This role reports to the Senior Director , Governance Risk & Compliance and will assist in the management of all aspects of corporate compliance and risk management, third-party vendor management, and operational monitoring to ensure that the organization's Information Security policies and procedures are implemented and well documented, and that compliance issues are identified and remediation plans formalized in a timely fashion. Additionally, incumbents will perform internal reviews and develop risk management strategies to avoid non-compliance.
Responsibilities
Experience interpreting industry and regulatory requirements and authoring supporting controls.
Experience performing third party assurance assessments; AuditBoard experience for risk assessments and compliance management a plus
Excellent client relationship and customer service skills, with a clear client focus
Strong project management skills
High degree of independence and exceptional work ethic with a team player attitude and a solution oriented mind
Familiarity with core IT and Information Security Technologies
Exceptional interpersonal, written and oral communication skills
Has knowledge of technical discipline and work processes.
Provides investigative, analytic or diagnostic services that affect a wide range of the unit’s activities and suggests improvements.
Has good understanding of roles of the relevant functional groups within own area.
Requires extensive training and experience to resolve a wide range of issues.
What Do We Offer
HireRight offers its employees a competitive salary, permanent contract and a comprehensive package of benefits. From day one you will receive a training plan to get you on board quickly. Additionally, we offer:
HireRight offers a competitive benefit package which includes:
All resumes are held in confidence. Only candidates whose profiles closely match requirements will be contacted during this search.
HireRight does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of HireRight and HireRight will not be obligated to pay a placement fee.
HireRight is the premier global background screening and workforce solutions provider. We bring clarity and confidence to vetting and hiring decisions through integrated, tailored solutions, driving a higher standard of accuracy in everything we do. Combining in-house talent, personalized services, and proprietary technology, we ensure the best candidate experience possible. PBSA accredited and based in Nashville, TN, we offer expertise from our regional centers across 200 countries and territories in The Americas, Europe, Asia, and the Middle East. Our commitment to get it right every time, everywhere, makes us the trusted partner of businesses and organizations worldwide
Overview
This role reports to the Senior Director , Governance Risk & Compliance and will assist in the management of all aspects of corporate compliance and risk management, third-party vendor management, and operational monitoring to ensure that the organization's Information Security policies and procedures are implemented and well documented, and that compliance issues are identified and remediation plans formalized in a timely fashion. Additionally, incumbents will perform internal reviews and develop risk management strategies to avoid non-compliance.
Responsibilities
- Independently evaluates and analyzes issues or recommendations for improvements in processes to mitigate risks and bring programs and operations into compliance with the goals and objectives of the Corporate Compliance Program and communicates results to management and other key stakeholders.
- Takes a lead role in the development and execution of internal Information Security risk identification and assessment program. This includes: risk assessments, internal project security reviews, coordination of risk treatment activities, and communication of assessment results.
- Serve as company representative with clients and partners, responding to security questionnaires and managing audits
- Continually reviews and improves the risk assessment methodology, process, and procedures.
- Assists in developing and administering ongoing IT compliance monitoring and governance activities.
- Advises internal business clients on the effectiveness of corrective action plans in the event of non-compliance or detected vulnerabilities in their environment.
- Contributes to various project requests from functional teams to increase operational efficiency, strengthen IT environment, and help meet the company's internal and external regulatory or compliance requirements.
- Performs ad-hoc compliance requests or additional duties as assigned
- BS, BA in Information Technology, Computer Science or other related Business/Technology/Analytical studies *CISSP, CISA, CISM, CRISC, CPP(ASIS), ISO 27001 Lead Auditor, or similar certification
- Prior experience conducting internal risk assessment workshops and providing guidance to functional teams with the implementation, monitoring, and reporting of appropriate risk treatment measures to drive conformity with policies and procedures, and establish effective internal controls processes
Experience interpreting industry and regulatory requirements and authoring supporting controls.
Experience performing third party assurance assessments; AuditBoard experience for risk assessments and compliance management a plus
Excellent client relationship and customer service skills, with a clear client focus
Strong project management skills
High degree of independence and exceptional work ethic with a team player attitude and a solution oriented mind
Familiarity with core IT and Information Security Technologies
Exceptional interpersonal, written and oral communication skills
Has knowledge of technical discipline and work processes.
Provides investigative, analytic or diagnostic services that affect a wide range of the unit’s activities and suggests improvements.
Has good understanding of roles of the relevant functional groups within own area.
Requires extensive training and experience to resolve a wide range of issues.
What Do We Offer
HireRight offers its employees a competitive salary, permanent contract and a comprehensive package of benefits. From day one you will receive a training plan to get you on board quickly. Additionally, we offer:
HireRight offers a competitive benefit package which includes:
- Medical
- Dental
- Vision
- Paid Life/AD&D Insurance
- Voluntary Life Insurance
- Short & Long Term Disability
- Flexible Spending Accounts
- 401K
- Generous Vacation and Sick Program
- 10 Paid Holidays
- Education Assistance Program
- Business Casual Attire
- Generous Referral Program
- Employee Discounts and Rewards
- And much more!
- All resumes are held in confidence. Only candidates whose profiles closely match requirements will be contacted during this search.
All resumes are held in confidence. Only candidates whose profiles closely match requirements will be contacted during this search.
HireRight does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of HireRight and HireRight will not be obligated to pay a placement fee.
