GRC Professional

Who are we?

Checkmarx is the enterprise application security leader and the host of Checkmarx One™ — the industry-leading cloud-native AppSec platform that helps enterprises build #DevSecTrust.

Powered by the intelligence from our industry-leading AppSec security research team, and our AI-driven technology and services, our platform is designed to enable CISOs, AppSec and development leaders to prioritize their teams’ focus on what impacts their business.

Our offerings secure every phase of development for every application, from the very first line of code through production, while simultaneously balancing the dynamic needs of security and development teams.

We are honored to serve more than 1,800 customers, which includes 60 per cent of all Fortune 100 organizations. We are committed to moving forward with the unwavering dedication to the safety and security of our customers, and the applications that power our day-to-day lives.

What are we looking for

The GRC Analyst will be responsible for supporting the organization’s governance, risk, and compliance programs. This role involves assessing and mitigating risks, ensuring compliance with regulations and standards, and promoting best practices in governance.

Responsibilities:

• Risk Management:

• Identify, assess, and prioritize risks across the organization.

• Develop and implement risk mitigation strategies.

• Monitor and report on risk exposure and mitigation efforts.

• Compliance:

• Ensure compliance with relevant laws, regulations, and standards.

• Conduct regular audits and assessments to verify compliance.

• Develop and maintain compliance documentation and reports.

• Governance:

• Assist in developing and maintaining governance frameworks and policies.

• Promote a culture of compliance and risk awareness within the organization.

• Support internal and external audits, including evidence collection and response preparation.

• Policy and Procedure Development:

• Create, review, and update policies and procedures related to governance, risk, and compliance.

• Ensure policies and procedures are effectively communicated and implemented across the organization.

• Training and Awareness:

• Develop and deliver training programs to enhance employee awareness of governance, risk, and compliance issues.

• Keep up-to-date with industry trends and best practices in GRC.

• Incident Response:

• Assist in the management of incidents, including breach investigations and response.

• Coordinate with relevant departments to ensure timely resolution of incidents.

Qualifications:

• Bachelor’s degree in Information Security, Business Administration, or a related field.

• 2+ years of experience in a GRC role or a similar capacity.

• Strong understanding of risk management and compliance frameworks (SOC2 ,ISO 27001, NIST).

• Advantage familiarity with regulatory requirements (FedRamp, HIPAA).

• Proficiency in GRC tools and software.

• Excellent analytical, organizational, and communication skills.

• Ability to work independently and collaboratively in a team environment.

• Relevant certifications (e.g., CISSP, CISM, CRISC) are a plus.

Skills:

• Analytical thinking and problem-solving.

• Attention to detail and accuracy.

• Strong written and verbal communication in English.

• Ability to manage multiple tasks and prioritize effectively.

• Proficiency with GRC tools like HyperProof .

What we have to offer

Checkmarx offers a great work environment, professional development, challenging careers, competitive compensation, great work-life balance, as well as great benefits and perks throughout the year. Checkmarx is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, or other characteristics protected by law.