Information Security - GRC Analyst (Governance, Risk & Compliance)
About G2 - Our People
G2 was founded to create a place where people will love to work. We strive to create meaning in work and provide more than just a job: a true calling. At the heart of our community and culture are our people. Our global G2 team comes from a wide range of backgrounds and experiences, and that’s what makes our G2 community strong and vibrant. We want everyone to bring their authentic selves to work, and we do this through our company and team events, our G2 Gives charitable initiatives, and our Employee Resource Groups (ERGs).
Our employee-led, leadership-supported ERGs celebrate the diversity of our team, foster inclusivity and belonging, and create a space to connect to each other. Through connections and understanding, we build a stronger and more dynamic global team and help every person reach their personal peak.
We support our employees by offering generous benefits, such as flexible work, ample parental leave, and unlimited PTO. Click here to learn more about our benefits.
About G2 - The Company
When you join G2, you join the global team behind the largest and most trusted software marketplace. Every month, 5.5 million people come to G2 to inform smarter software decisions based on honest peer reviews. Authenticity is our focus, and every day we help thousands of companies, and hundreds of employees, propel their potential. Ready for meaningful work that starts and ends with compassion and heart? You’ve come to the right place.
G2 is going through exciting growth! We’ve recently secured our Series D funding of $157 million, which will further allow us to grow and develop our product and people. Read about it here!
About The Role
G2 is looking for a bright, organized, and dependable person who is passionate about governance, risk, and compliance. The GRC Analyst will be instrumental in driving our compliance and risk efforts, ensuring G2 alignment with programs such as ISO27001, SOC2, CSA and others relevant frameworks . They will collaborate closely with various internal teams to provide insights, guidance, and oversight related to GRC best practices.The ideal candidate is excited about joining a fast paced, industry leading company. We are looking for a self-motivated professional who will help build out G2’s information security initiatives!
This is a hybrid position, with the team meeting in person one-two days a week at our Chicago HQ.
In This Role, You Will:
- Evaluate, benchmark, and align our SaaS operations with SOC2, ISO27001, CSA, and other relevant compliance frameworks.
- Perform IT risk assessments, identify vulnerabilities, and work closely with technical teams to ensure that risks are mitigated appropriately.
- Coordinate internal and external audits, serve as the main point of contact for auditors, provide required documentation, and ensure timely closure of audit findings.
- Develop, maintain, and update comprehensive information security policies, procedures, and controls in line with recognized standards and best practices.
- Collaborate with different departments and provide guidance on compliance requirements and best practices.
- Stay updated with the latest compliance requirements, technological advancements, and industry best practices to ensure continuous improvement of G2’'s information security posture.
- Training & Awareness: Coordinate and contribute to information security awareness and training programs to foster a culture of security within the organization.
We realize applying for jobs can feel daunting at times. Even if you don’t check all the boxes in the job description, we encourage you to apply anyway.
- Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related work experience.
- 1-3 years of proven experience in governance, risk, and compliance roles, preferably within a SaaS environment.
- Information security certifications such as CISSP, CISM, or CISA are preferred.
- Familiarity with SOC2, ISO27001, NIST, CSA, and other relevant compliance frameworks.
- Understanding of IT and security concepts, best practices, and market trends.
- Excellent communication skills, both written and verbal, with the ability to convey complex security issues to non-technical stakeholders.
- Strong organizational and project management skills with a keen attention to detail.
What Can Help Your Application Stand Out:
- Other certifications such as. Security+, GSEC, PMP, etc are a plus
- Worked with GRC tools like Drata, Whistic, Auditboard, Vanta, for managing audit controls, evidence gathering and reporting before.
- Familiarity with privacy regulations like GDPR, CCPA, and LGPD.
- Experience in other technical or non technical areas (business administration, legal, product management, project management,software development, etc)
Our Commitment to Inclusivity and Diversity
At G2, we are committed to creating an inclusive and diverse environment where people of every background can thrive and feel welcome. We consider applicants without regard to race, color, creed, religion, national origin, genetic information, gender identity or expression, sexual orientation, pregnancy, age, or marital, veteran, or physical or mental disability status. Learn more about our commitments here.
For job applicants in California, the United Kingdom, and the European Union, please review this applicant privacy notice before applying to this job.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
USA, CO, Colorado Springs … USA, CO, Colorado Springs (150 Vandenberg St) Full TimeSenior Senior-levelUSD 81K - 186K USD 81K+
Booz Allen Hamilton
Cyber Operations for Space Analyst and Technical WriterClearance Compliance Computer Science ConOps DoD DoDD 8140 +5
401(k) matching Career development Equity Flex hours Flex vacation +4
Allen, TX, United States Allen, TX, United States Full TimeSenior Senior-levelUSD 52K - 98K * USD 52K+ *
CFC (Cyber Fusion Centre) Sr. Threat Detection Analyst I - US REMOTE ONLYAgile CERT Firewalls GIAC IDS Intrusion detection +9
401(k) matching Career development Competitive pay Equity Flex hours +5
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open SOC Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Chief Information Security Officer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Staff Security Engineer jobs
- Open Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Security Operations Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Security Architect jobs
- Open o365 Security Architect jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior SOC Analyst jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open CISA-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open Kubernetes-related jobs
- Open DevOps-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open DoD-related jobs