Principal Information Security GRC Analyst
Overview
We offer a flexible working policy that empowers iManage employees to balance work and well-being. We encourage two days per week in-office collaboration, offering opportunities to learn from peers in person, while also providing the flexibility needed for a meaningful work-life balance.
Role Summary
You are a dynamic security team leader eager to advance your career in Information Security. You will work with diverse stakeholders across IT, engineering, security operations, marketing, pre-sales, and customer security compliance teams. As a senior member, you will lead security governance, risk, and compliance projects, develop security documentation, manage compliance metrics, and support customer security activities. The role offers growth opportunities to a managerial position within 12-18 months.
Leadership Insights
Senior Director of Security Compliance, Michael Hall, highlights the team’s dedication to protecting our cloud platform and fostering a culture of growth. He emphasizes the exciting security challenges and the opportunity to work with industry experts.
Key Responsibilities
* Mentor a global team of junior security analysts, supporting recruitment and development.
* Manage security policies, standards, and process documentation, including customer-facing materials.
* Coordinate with customer teams for due diligence, legal reviews, and RFPs, identifying automation opportunities.
* Implement security training and awareness campaigns to foster a security-conscious culture.
* Operate our compliance platform, document repository, and customer trust center.
* Support the review and implementation of standards like ISO 27001, ISO 22301, SOC 2, CSA STAR, and FedRAMP.
* Monitor security control gap remediation activities and future compliance requirements.
* Define and report on Security KPIs, including dashboards and metrics.
* Collaborate with security leadership on governance and risk management.
Qualifications
* 10+ years of experience with security and compliance standards (ISO 27001, CSA STAR, NIST 800-xx, SOC 2).
* Experience leading a team.
* Solid background in IT and cloud environments, including data centers, networks, and security operations.
* Strong analytical and organizational skills, and attention to detail.
* Ability to work independently and collaboratively.
* Bachelor’s degree in Engineering, Computer Science, IT, or similar.
Preferred Skills
* Certifications such as CISA, CISM, CISSP, CRISC, GIAC.
* Experience in Incident Management and Business Continuity.
Additional Notes
We value diversity and encourage candidates from all backgrounds to apply, even if they do not meet every qualification. Our environment promotes growth, learning, and inclusion.