GRC Analyst

The GRC analyst helps maintain A-LIGN’s management system related to information security standards, overseeing compliance programs, audits, and documentation.

Location: Bulgaria

Responsibilities

• Participate in A-LIGN’s management system related to information security standards (SOC 2, ISO 27001, NIST 800-53, NIST 800-171)
• Manage the annual audit calendar
• Coordinate annual audit activities with external and internal stakeholders
• Participate in internal and external audit activities
• Review and track non-conformities and opportunities for improvement from audits
• Prepare regular compliance reports
• Review, update, and manage documentation aligned with security standards and corporate goals
• Complete third-party questionnaires from clients
• Support vendor management processes
• Participate in business continuity and disaster recovery planning and testing

Requirements

• Bachelor’s degree in management information systems, Information Security, Cybersecurity, Business or related field or equivalent experience
• At least 1 year of IT security, governance, risk, or compliance experience
• Knowledge of security and risk frameworks (SOC 2, ISO 27001, NIST 800-53, NIST 800-171)
• Preferred knowledge of GRC tools (OneTrust, RSA Archer, Oracle)
• Preferred certifications (CISA, CISM, Security+, CCSK, ISO Lead Auditor)
• Ability to meet deadlines with high motivation
• Excellent critical thinking and problem-solving skills
• Strong communication and organizational skills
• Thrives in a fast-paced environment
• Ability to work independently and collaboratively

Benefits

• Healthcare, Dental, and Vision Benefits
• EAP - Employee Assistance Program
• Competitive Bonus Structure
• Home Office Reimbursement
• Technology Allowance
• Certification Reimbursement
• Public Transportation Card
• Multisport Card
• Personalized Career Coaching
• Generous Paid Time Off
• Paid Office Closure December 24-January 1
• Summer Hours