Security GRC Analyst

DeWinter BH · www.dewintergroup.com

Location San Jose, CA, United States
Salary USD 85 - 93 / hour
Type Full time
Level Mid
Source Shazamme
Accepting Candidates

Job Title: Security GRC Analyst

Overview:
Are you a dedicated security professional passionate about shaping enterprise risk management? We are seeking a dynamic Security GRC (Governance, Risk, and Compliance) Analyst to join a leading organization’s security team. In this critical role, you’ll influence how the company manages security risks, ensures regulatory compliance, and strengthens its security posture. If you thrive in a fast-paced environment and are eager to make a tangible impact in information security, this opportunity is perfect for you!

Required Skills:

  • 4+ years experience in governance, risk, compliance, or information security
  • 2+ years experience conducting 3rd party and supply chain risk assessments
  • Strong understanding of CISSP security domains and industry best practices
  • Knowledge of security regulatory requirements such as SOX and GDPR
  • Familiarity with ISMS frameworks (ISO 27001, NIST, CAIQ)
  • Experience with security certifications (ISO 27001, SOC 1, SOC 2, WebTrust)
  • Ability to communicate complex risk concepts to diverse audiences
  • Proficiency in controls development, implementation, and assessment
  • Strong project management, organizational, and interpersonal skills
  • Self-motivated with the ability to manage multiple stakeholders across time zones

Nice to Have Skills:

  • Automation experience related to security metrics and reporting
  • Experience with enterprise security risk management tools and methodologies
  • Knowledge of security incident response processes
  • Familiarity with security awareness training programs

Preferred Education and Experience:

  • Bachelor’s degree in information security, computer science, or related field (Master’s preferred)
  • Professional certifications such as CISSP, CISA, CISM, or equivalent are highly desirable
  • Prior experience working with compliance standards like ISO 27001, GDPR, or NIST frameworks

Other Requirements:

  • Location: San Jose, CA (Hybrid work model: 2 days per week onsite)
  • Duration: 6+ months with the possibility of extension
  • Start Date: ASAP
  • Work Arrangement: Open to W2 and C2C candidates
  • Additional: Ability to engage in automation initiatives and support remediation efforts

DeWinter Group and Maris Consulting is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. We post pay scales which are based on our client pay ranges. DeWinter, Maris, and our clients have the right to modify the requirements of the role which can impact the pay ranges posted.

Frequently asked questions

Who is hiring for the Security GRC Analyst role?
DeWinter BH is hiring for the Security GRC Analyst position, a Shazamme client. Apply directly on the employer's career site.
Where is the Security GRC Analyst job located?
The Security GRC Analyst role with DeWinter BH is based in San Jose, CA, US.
What does the Security GRC Analyst role pay?
DeWinter BH lists the Security GRC Analyst role at USD 85–93 per hour.
Is the Security GRC Analyst role full-time or contract?
This is a full-time position at DeWinter BH.
What experience level is the Security GRC Analyst role?
The Security GRC Analyst position is aimed at mid-level candidates.
How do I apply for the Security GRC Analyst role at DeWinter BH?
Apply directly on DeWinter BH's career page via the Apply button on this listing. ZammeJobs links straight through to the employer's ATS — no third-party form, no resume database.