GRC Analyst - Chapel Hill

About the position Responsibilities • Collaborate with cross-functional teams to assess the GRC landscape of newly acquired companies, identifying gaps and alignment opportunities. • Develop comprehensive integration plans tailored to each acquisition, ensuring alignment with the company's overarching GRC strategy. • Evaluate and mitigate risks associated with integration processes, working closely with risk management teams. • Bridge gaps between existing practices and those of acquired entities, harmonizing policies, procedures, and controls. • Effectively communicate integration plans and progress, fostering strong relationships with key stakeholders. • Maintain accurate documentation of integration activities and generate insightful reports for senior management. • Identify areas for improvement and drive enhancements to the integration process. • Collaborate with various teams to ensure accurate and comprehensive responses to customer security questionnaires. Requirements • 5+ years of hands-on experience in GRC, preferably with a focus on acquisition integration. • Strong knowledge of regulatory compliance requirements, risk management frameworks, including ISO 27001, NIST, Experience with SOC1/2, GDPR, and privacy frameworks. • Proficiency in information security tools, techniques, and controls. • Experience with metrics and KPIs to measure and track information security risk. • Ability to develop policies, standards, and guidelines. • ISO27001:2022 Lead Implementer and lead auditor certifications are a must. Nice-to-haves • CISA, CISM, CISSP, or CRISC certifications are desirable. • Exceptional communication and interpersonal skills. • Analytical mindset with the ability to identify, assess, and mitigate risks. • Good project management skills with ISMS and control implementation experience. • Knowledge of GRC software tools and technology. • Attention to detail and commitment to high-quality deliverables that meet business and compliance objectives. Apply tot his job