Senior GRC Analyst

Payscale is seeking a Senior GRC Analyst to drive governance, compliance, and risk processes across the organization. The role involves leading security assessments, supporting internal and external audits, and advising on security requirements.

Requirements

• 5+ years of experience in cybersecurity, with at least 3 years focused on GRC in a SaaS company
• Industry certifications such as CISSP, CRISC, CISM, or CISA strongly preferred
• Experience in risk management frameworks such as NIST RMF or ISO27005
• Experience implementing cybersecurity frameworks (e.g., NIST CSF, ISO27001)
• Experience in compliance tracking and monitoring of regulatory frameworks such as GDPR
• Experience auditing and assessing cybersecurity controls such as NIST 800-53, ISO, or CIS18
• Experience with GRC tools (e.g., Archer, Drata, ServiceNow GRC)
• Experience with data and system classification schemes
• Excellent communication, analytical, and problem-solving skills
• Ability to influence cross-functional teams and drive security initiatives
• Experience in a regulated industry (finance, healthcare, government, etc.) a plus
• Knowledge of cloud hosting audits and risk assessments
• Experience with business continuity and disaster recovery planning

Benefits

• 15 paid Romania public holidays + 2 additional Payscale holidays
• 25 paid days of additional leave
• Supplemental medical covered by Payscale for employees
• Employees can add supplemental for family/spouse/dependents at their own expense
• Additional days of per RO Labor Code that are not included in holidays & additional leave days
• Open and inclusive environment with opportunities for learning and growth
• Company sponsored volunteer hours
• Access to continued learning & development opportunities