Discover Your Next Cybersecurity Role!
At InRule Technology, we revolutionize the way organizations in more than 40 countries worldwide make mission-critical decisions by infusing cutting-edge technology into their processes. Some of the largest banks, insurance companies, healthcare organizations, and governments rely on InRule to deliver frictionless, intuitive solutions that provide the power of computing without the complexity of programming.
As part of the InRule Technology team, you'll be at the forefront of a technological revolution, helping drive adoption of our powerful AI Decisioning platform that weaves together declarative logic, non-declarative machine learning, and human-in-the-loop automation.
InRule enables automated decision-making, driving tangible results and propelling organizations toward unprecedented heights of productivity. In 2023, Forrester named InRule a Leader in The Forrester WaveTM: AI Decisioning Platforms.
Reporting to the VP, Technical Operations, the GRC Security Analyst will drive the planning and execution of our global Governance, Risk, and Compliance (GRC) initiatives and audits. At InRule, this is a vital role that collaborates closely with other departments to ensure compliance with regulations and industry standards.
Responsibilities
UaobS6wgLX
As part of the InRule Technology team, you'll be at the forefront of a technological revolution, helping drive adoption of our powerful AI Decisioning platform that weaves together declarative logic, non-declarative machine learning, and human-in-the-loop automation.
InRule enables automated decision-making, driving tangible results and propelling organizations toward unprecedented heights of productivity. In 2023, Forrester named InRule a Leader in The Forrester WaveTM: AI Decisioning Platforms.
Reporting to the VP, Technical Operations, the GRC Security Analyst will drive the planning and execution of our global Governance, Risk, and Compliance (GRC) initiatives and audits. At InRule, this is a vital role that collaborates closely with other departments to ensure compliance with regulations and industry standards.
Responsibilities
- Coordinate and manage compliance audit activities with external auditors and internal control owners to ensure timely and successful completion of audit requirements related to SOC2, ISO27001, GDPR, and other future frameworks.
- Work with the Data Protection Officer (DPO) to execute data deletion requests, maintain our privacy policy, and track data sub-processors.
- Conduct risk assessments and software vulnerability assessments to identify potential cybersecurity threats; document and follow up on security-related findings.
- In preparation for external audits, support monitoring, evidence collection, gap assessments, and reviews as needed.
- Conduct periodic reviews and audits of internal policies, controls, and processes; publish findings outlining successes and opportunities for improvement.
- Partner with business stakeholders (such as Engineering and IT Operations management) to identify risks, propose mitigation strategies, and inform on emerging security threats and trends.
- Develop and maintain basic GRC documentation, such as policy and procedure documents or project plans.
- Manage and document scalable processes and automation to support our growth and compliance initiatives.
- Develop and assess operating effectiveness of controls.
- Assist in completion of customer assurance activities, such as security questionnaires.
- Perform vendor security evaluations of existing and new vendors.
- At least 5+ years of experience managing or maturing GRC programs, preferably within a high-growth Cloud/SaaS environment
- Have a strong working knowledge of ISO27001, SOC2, and GDPR
- Ability to identify gaps, create mitigation plans, and work with control owners to implement changes
- Experience interacting with current and prospective customers to help navigate the security review process
- Strong communication skills with the ability to build relationships across departments and cultures as part of a global distributed team
- Experience using compliance and security tools; experience with Vanta is highly desired
- Excellent interpersonal, communication, and presentation skills, including findings and report writing experience
- Experience completing customer security questionnaires
- Ability to execute with urgency and attention to detail
- Experience working with cloud technologies, preferably Azure
- Relevant information security certifications (such as CISM) are a strong plus
- Chicago, IL or Remote Eastern Time Zone Preferred (Residence in the US is required)
UaobS6wgLX