Senior Cyber GRC Analyst

| Greater Denver Area

This role reports to the VP, Information Security and performs internal audits, risk assessments and third-party vendors reviews to ensure compliance to company security policies. Responsible for supporting the business in fulfilling security information requests associated with Proposals (RFP), questionnaires, sales questions, third party risk assessments and audits. Reviews customer and prospect contracts and provides suggested alternatives regarding client requested contractual security requirements. Collaborates with Sales, Legal, Customer Success and Engineering to build and maintain an in-depth understanding of each areas environment and security controls to ensure timely and accurate responses to security information requests. Determines what information can be shared with customers and external parties at different phases of the client relationship to provide assurance with the Security Program, without compromising the IT Security posture of the organization.

Key Responsibilities:

Internal Audit, Compliance and Risk Assessments

  • Conduct scheduled internal audits as per prescribed Cybersecurity Frameworks
  • Prepare and lead Cybersecurity Framework audits driving compliance
  • Perform risk assessments related to infrastructure, platforms and applications as per risk management framework
  • Configure and implement tools to manage, monitor and escalate internal risks 

Customer security risk assessments  

  • Review and edit security questionnaires and RFPs as well as fielding questions detailing security capabilities.
  • Lead prospect, customer and third-party security meetings reinforcing the businesses security and compliance program.

Contract reviews

  • Hands-on iterative review of security/compliance aspects of new and renewed customer contracts.
  • Provides suggestions and contract redlines regarding what security terms we can accept from clients.

Third Party Risk Management

  • Lead vendor and third-party risk management process

Minimum Qualifications:

  • Knowledge in auditing security frameworks that may include ISO 27001, SOC 2 and HITRUST.
  • Contract Management, Information Technology, IT Risk, IT Audit, InfoSec or similar experience required.
  • Excellent attention to detail required and strong issues spotting, drafting and communication skills required.
  • Must be client service focused with ability to successfully partner with internal stakeholders.
  • Must be able to multi-task and independently manage workflow / priorities and solve problems within company guidelines.

 Preferred Qualifications:

  • Knowledgeable in security best practices (ISO 27001, SOC 2, HIPAA, etc.)
  • Knowledgeable of privacy best practices (Privacy Shield, GDFR, Safe Harbor, etc.)
  • Familiarity with systems and tools including: IDS/IPS, HIDS, SIEM, AV, vulnerability assessments, etc.
  • CISSP, CISM/CISA, CRISC or other industry InfoSec certification a plus

 About Convercent:

Robust. Agile. Collaborative. And you should see our software. Bringing the transformative power of the cloud to the compliance and ethics industry, Convercent's award-winning SaaS solution empowers our customers to be more effective and efficient in managing their compliance efforts and mitigating risk. With an inclination towards innovation, Convercent is helping our customers raise the standard--and expectations--for how companies safeguard their financial and reputational health. 

Convercent is an equal opportunity employer and all qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

Read Full Job Description

Technology we use

  • Engineering
    • .NETLanguages
    • C#Languages
    • ASP.NETFrameworks


RiNo District

An Insider's view of Convercent

What's something quirky about your company?

I absolutely love that I can be in the kitchen, bathroom, or walking around and I will bump into people from all different departments and have really meaningful conversations.


Manager, Event Marketing

What's the biggest problem your team is solving?

The process of ingesting data from our customers can be difficult and lengthy. Team Massive is working on a new implementation that can import multiple large files simultaneously and at a faster rate.


Sr. Software Engineer

What are Convercent Perks + Benefits

Health Insurance & Wellness Benefits
Dental Benefits
Vision Benefits
Health Insurance Benefits
Pet Insurance
Wellness Programs
Retirement & Stock Options Benefits
Company Equity
Child Care & Parental Leave Benefits
Generous Parental Leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Perks & Discounts
Beer on Tap
Casual Dress
Commuter Benefits
Company Outings
Stocked Kitchen
Happy Hours
Pet Friendly
More Jobs at Convercent9 open jobs
All Jobs
Project Mgmt