Senior GRC Analyst

Modine Manufacturing Company

$120K — $190K *
US-AnywhereRemote in United States
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years in InfoSec GRC, IT Audit, or IT Compliance with a focus on ITGC and SOX compliance.
  • Highly organized with a process-oriented mindset and project management skills.
  • Strong self-starter capable of meeting regulatory deadlines and driving initiatives independently.
  • Experience with configuring GRC tools like SimpleRisk, AuditBoard or LogicGate.
  • Knowledge of industry frameworks like NIST CSF, COBIT, COSO, and ISO 27001/27002.
  • Excellent communication skills to simplify complex concepts for various stakeholders.
  • Alignment with company values to enhance operational efficiency.

Responsibilities

  • Manage ITGC and SOX compliance, ensuring timely testing and evidence collection.
  • Coordinate with auditors for security and compliance reviews, delivering necessary documentation.
  • Collaborate with teams to design and monitor remediation plans for control gaps.
  • Lead updates of security policies to align with regulations and corporate risk tolerance.
  • Develop technical standards that facilitate compliance for administrators and business owners.
  • Optimize GRC tools for risk tracking and compliance management.
  • Conduct risk assessments and maintain documentation of risks and vulnerabilities.

Benefits

  • Comprehensive health, dental & vision insurance from day one.
  • Paid maternity and paternity leave at 100% after 90 days.
  • 401k plan with company match and employer contributions to HSA.
  • Paid short term and long term disability coverage.
  • Flexible time-off policies and tuition reimbursement.
Full Job Description
Senior GRC Analyst

Job Posting Location: Remote, USA

Posting Start Date: 7/13/26

Req Id: 9097

Required Travel: 0 - 20%

Remote, Onsite or Hybrid?: Remote

Position Description

We are seeking a highly structured, process-oriented, and proactive Senior GRC (Governance, Risk, and Compliance) Analyst to join our Information Security GRC team.

In this critical role, you will be the driving force behind the execution and continuous improvement of our IT General Controls (ITGC) framework, SOX compliance program, and overall risk management practices. You will serve as a key bridge between control owners, IT operational teams, internal/external audit, and corporate risk management. As a self-starter with deep compliance expertise, you will lead efforts to review, analyze, and update cybersecurity policies, manage GRC platform automation, and ensure that security risks are systematically identified, documented, and remediated.

Key Responsibilities

1. ITGC & SOX Compliance Management
  • Control Lifecycle Ownership: Track, monitor, and follow up with IT control owners to ensure all ITGC and SOX-related control tests and evidence collections are executed accurately, thoroughly, and on schedule.
  • Audit Readiness: Act as the primary coordinator for internal and external auditors during security and compliance reviews, ensuring timely delivery of documentation and evidence.
  • Remediation & Correction: Partner with IT and Security teams to design, document, and track effective remediation plans for any identified control gaps or deficiencies.

2. Policy, Standards & Procedures Governance
  • Policy Lifecycle: Lead the periodic review, analysis, and modernization of information security policies, standards, guidelines, and operating procedures to ensure alignment with evolving industry regulations and corporate risk tolerance.
  • Process Standardization: Support the development of clear, actionable technical standards and procedural documentation that simplify compliance for system administrators and business process owners.
  • Alignment: Ensure corporate security documentation matches standard industry frameworks (e.g., NIST CSF, ISO 27001, COBIT, COSO).

3. Risk Assessment & GRC Tool Management
  • GRC Tool Administration: Manage and optimize our GRC platform (such as SimpleRisk or similar tools) to automate risk registers, compliance mappings, and control tracking.
  • Risk Assessments: Conduct comprehensive IT and security risk assessments across applications, infrastructure, and third-party vendors.
  • Risk Register Maintenance: Document risks, vulnerabilities, and policy exceptions systematically, tracking them from identification through to mitigation or formal acceptance.

4. Business Partnering & Stakeholder Collaboration
  • Cross-Functional Liaison: Build strong, collaborative relationships with stakeholders across IT, Information Security, Internal Audit, Corporate Risk Management, and External Auditors.
  • Control Owner Support: Act as a subject matter expert and trusted advisor to control owners, offering ongoing guidance on compliance expectations, control design, and testing methodology.
  • Executive Reporting: Prepare clear, metrics-driven status updates, compliance dashboards, and risk posture reports for leadership.

5. Awareness & Continuous Improvement
  • Process Orientation: Constantly evaluate current GRC workflows to eliminate friction, automate manual checks, and introduce best practices.
  • Training & Enablement: Facilitate training sessions and develop educational resources for control owners to enhance organizational compliance awareness and accountability.


Required Education & Qualifications

Required Qualifications
  • Experience: 5+ years of dedicated experience in Information Security GRC, IT Audit, or IT Compliance, with a proven track record of managing and auditing IT General Controls (ITGCs) and SOX compliance.
  • Process Mindset: Extremely process-oriented with exceptional organizational and project management skills; ability to track dozens of moving compliance targets simultaneously without losing details.
  • Work Style: Proven self-starter who can take initiative, work independently, meet strict regulatory deadlines, and proactively drive results.
  • Tooling: Practical experience configuring and utilizing modern GRC tools (e.g., SimpleRisk, AuditBoard, LogicGate, or similar).
  • Framework Knowledge: Deep familiarity with leading risk and control frameworks (e.g., NIST CSF, COBIT, COSO, ISO 27001/27002).
  • Communications: Outstanding written and verbal communication skills, with the ability to translate complex technical control concepts into plain language for diverse audit, security, and business stakeholders.
  • Company Alignment: Ability to apply core corporate values and support operational efficiency initiatives (including 80/20 principles) to optimize GRC workflows.

Education & Certifications
  • Education: Bachelor's degree in Information Technology, Management Information Systems (MIS), Cybersecurity, Accounting, Finance, Business Administration, or equivalent professional experience.
  • Preferred Certifications: Highly desirable professional credentials such as:
  • Certified Information Systems Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)

Travel Requirements
  • This position may require up to 15% travel depending on project needs and compliance audits.


Why Choose Modine?

Health & Well-being:
  • Day One
    • Competitive health, dental & vision insurance coverage
    • Employee Assistance Program
  • After 90 days of continuous employment
    • Maternity Leave (12 weeks at 100% pay)
      • 8 weeks of short term disability leave paid at 100%
      • 4 weeks of paid parental leave paid at 100%
    • Paternity Leave (4 weeks at 100% pay)


Financial Benefits:
  • 401k Retirement plan and company paid match
  • Life Insurance
  • Health Savings Account (HSA) with employer contribution
  • Flexible Spending Accounts (FSA)
  • Short Term Disability (company paid)
  • Long Term Disability


Work-Life Balance:
  • Competitive time-off policies
  • Tuition Reimbursement


To view full benefits information: MyModine Benefits

#LI-RR1

#LI-Remote

The salary range for this position is estimated in good faith to be $120,000-$190,000. The specific offer will depend on the candidate's qualifications, experience, and other job-related considerations but will be within the stated range. Where required by applicable law, a general description of benefits and other compensation offered for this role is also provided or made available.

This position is not eligible for any form of sponsorship (e.g. OPT or H1B visa status) now or in the future. Only individuals authorized to work in the United States now and for the foreseeable future will be considered for this position.

Similar Jobs

More Jobs at Modine Manufacturing Company

More Information Technology Jobs

Find similar Senior GRC Analyst jobs: