Senior GRC Analyst
Job Posting Location: Remote, USA
Posting Start Date: 7/13/26
Req Id: 9097
Required Travel: 0 - 20%
Remote, Onsite or Hybrid?: Remote
Position DescriptionWe are seeking a highly structured, process-oriented, and proactive Senior GRC (Governance, Risk, and Compliance) Analyst to join our Information Security GRC team.
In this critical role, you will be the driving force behind the execution and continuous improvement of our IT General Controls (ITGC) framework, SOX compliance program, and overall risk management practices. You will serve as a key bridge between control owners, IT operational teams, internal/external audit, and corporate risk management. As a self-starter with deep compliance expertise, you will lead efforts to review, analyze, and update cybersecurity policies, manage GRC platform automation, and ensure that security risks are systematically identified, documented, and remediated.
Key Responsibilities1. ITGC & SOX Compliance Management- Control Lifecycle Ownership: Track, monitor, and follow up with IT control owners to ensure all ITGC and SOX-related control tests and evidence collections are executed accurately, thoroughly, and on schedule.
- Audit Readiness: Act as the primary coordinator for internal and external auditors during security and compliance reviews, ensuring timely delivery of documentation and evidence.
- Remediation & Correction: Partner with IT and Security teams to design, document, and track effective remediation plans for any identified control gaps or deficiencies.
2. Policy, Standards & Procedures Governance - Policy Lifecycle: Lead the periodic review, analysis, and modernization of information security policies, standards, guidelines, and operating procedures to ensure alignment with evolving industry regulations and corporate risk tolerance.
- Process Standardization: Support the development of clear, actionable technical standards and procedural documentation that simplify compliance for system administrators and business process owners.
- Alignment: Ensure corporate security documentation matches standard industry frameworks (e.g., NIST CSF, ISO 27001, COBIT, COSO).
3. Risk Assessment & GRC Tool Management - GRC Tool Administration: Manage and optimize our GRC platform (such as SimpleRisk or similar tools) to automate risk registers, compliance mappings, and control tracking.
- Risk Assessments: Conduct comprehensive IT and security risk assessments across applications, infrastructure, and third-party vendors.
- Risk Register Maintenance: Document risks, vulnerabilities, and policy exceptions systematically, tracking them from identification through to mitigation or formal acceptance.
4. Business Partnering & Stakeholder Collaboration - Cross-Functional Liaison: Build strong, collaborative relationships with stakeholders across IT, Information Security, Internal Audit, Corporate Risk Management, and External Auditors.
- Control Owner Support: Act as a subject matter expert and trusted advisor to control owners, offering ongoing guidance on compliance expectations, control design, and testing methodology.
- Executive Reporting: Prepare clear, metrics-driven status updates, compliance dashboards, and risk posture reports for leadership.
5. Awareness & Continuous Improvement - Process Orientation: Constantly evaluate current GRC workflows to eliminate friction, automate manual checks, and introduce best practices.
- Training & Enablement: Facilitate training sessions and develop educational resources for control owners to enhance organizational compliance awareness and accountability.
Required Education & QualificationsRequired Qualifications - Experience: 5+ years of dedicated experience in Information Security GRC, IT Audit, or IT Compliance, with a proven track record of managing and auditing IT General Controls (ITGCs) and SOX compliance.
- Process Mindset: Extremely process-oriented with exceptional organizational and project management skills; ability to track dozens of moving compliance targets simultaneously without losing details.
- Work Style: Proven self-starter who can take initiative, work independently, meet strict regulatory deadlines, and proactively drive results.
- Tooling: Practical experience configuring and utilizing modern GRC tools (e.g., SimpleRisk, AuditBoard, LogicGate, or similar).
- Framework Knowledge: Deep familiarity with leading risk and control frameworks (e.g., NIST CSF, COBIT, COSO, ISO 27001/27002).
- Communications: Outstanding written and verbal communication skills, with the ability to translate complex technical control concepts into plain language for diverse audit, security, and business stakeholders.
- Company Alignment: Ability to apply core corporate values and support operational efficiency initiatives (including 80/20 principles) to optimize GRC workflows.
Education & Certifications - Education: Bachelor's degree in Information Technology, Management Information Systems (MIS), Cybersecurity, Accounting, Finance, Business Administration, or equivalent professional experience.
- Preferred Certifications: Highly desirable professional credentials such as:
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
Travel Requirements - This position may require up to 15% travel depending on project needs and compliance audits.
Why Choose Modine? Health & Well-being:- Day One
- Competitive health, dental & vision insurance coverage
- Employee Assistance Program
- After 90 days of continuous employment
- Maternity Leave (12 weeks at 100% pay)
- 8 weeks of short term disability leave paid at 100%
- 4 weeks of paid parental leave paid at 100%
- Paternity Leave (4 weeks at 100% pay)
Financial Benefits:- 401k Retirement plan and company paid match
- Life Insurance
- Health Savings Account (HSA) with employer contribution
- Flexible Spending Accounts (FSA)
- Short Term Disability (company paid)
- Long Term Disability
Work-Life Balance:- Competitive time-off policies
- Tuition Reimbursement
To view full benefits information: MyModine Benefits
#LI-RR1
#LI-Remote
The salary range for this position is estimated in good faith to be $120,000-$190,000. The specific offer will depend on the candidate's qualifications, experience, and other job-related considerations but will be within the stated range. Where required by applicable law, a general description of benefits and other compensation offered for this role is also provided or made available.
This position is not eligible for any form of sponsorship (e.g. OPT or H1B visa status) now or in the future. Only individuals authorized to work in the United States now and for the foreseeable future will be considered for this position.