GRG Analyst - Support Engineer

GRG Analyst - Support Engineer

Posted Today by Avenue Code, LLC

Negotiable
Undetermined
Remote
Remote

Summary: The GRG Analyst - Support Engineer role involves executing controls assurance activities to identify technology risks and support compliance efforts within a remote US team. The position requires collaboration across the organization to maintain compliance documentation and mitigate security risks. Candidates should have experience in Governance, Risk, and Compliance (GRC) and possess strong project management and communication skills. The role is focused on access and change management responsibilities, with an emphasis on proactive problem-solving and initiative.

Key Responsibilities:

  • Execute controls assurance activities leveraging existing control framework to identify technology risks, review existing control implementation, and support compliance efforts.
  • Support compliance evidence request review and collection to ensure control activity documentation meets compliance requirements.
  • Collaborate with teams across the organization to identify security risk mitigation needs.
  • Maintain compliance documentation, including audit evidence and controls.
  • Support a collaborative, performance-driven culture that builds bridges with other functional groups across the enterprise and maintains positive working relationships.
  • Conduct user access reviews and interact with the Internal Audit team.
  • Identify situations where there are deviations from policies and assess risks.
  • Work assigned via JIRA and Sheets.
  • Perform with approximately 90% accuracy with minimal help within the first 2 months.

Key Skills:

  • 3 to 5 years working in a Governance, Risk, and Compliance (GRC), internal audit, external audit, or similar role.
  • Functional knowledge of identity and access security domains and information security industry standards and best practices.
  • Knowledge in compliance frameworks such as SOC2, ISO 27001, ITControls, NIST CSF.
  • Strong project management skills.
  • Strong written and verbal communication skills.
  • Experience with GitHub / GitLab and access management or code review.
  • Nice to have: Python and Okta experience.

Salary (Rate): £45,000 yearly

City: undetermined

Country: US

Working Arrangements: remote

IR35 Status: undetermined

Seniority Level: undetermined

Industry: Other

Detailed Description From Employer:
Role: GRG Analyst - Support Engineer
Location: Remote US


What You''ll Do:
  • Execute controls assurance activities leveraging existing control framework to identify technology risks, review existing control implementation, and support compliance efforts.
  • Support compliance evidence request review and collection to ensure control activity documentation meets compliance requirements.
  • Collaborate with teams across the organization to identify security risk mitigation needs.
  • Maintain compliance documentation, including audit evidence and controls.
What We Can Expect From You:
  • Support a collaborative, performance-driven culture that builds bridges with other functional groups across the enterprise and maintains positive working relationships
  • 3 to 5 years working in a Governance, Risk, and Compliance (GRC), internal audit, external audit, or similar role
  • Functional knowledge of identity and access security domains and information security industry standards and best practices
  • Knowledge in at least one of the following compliance frameworks such as SOC2, ISO 27001, ITControls, NIST CSF
  • Strong project management skills
  • Strong written and verbal communication skills
Team & Organization
  • Michael Rhode (manager) has been at Reddit for 5 years.
  • He is part of the GRC (Governance, Risk & Compliance) team, managing: , Technical Control Operations, Assurance/Compliance Engineering Team , Cybersecurity Control Frameworks
This role will support control execution, including:
  • Identifying situations where there are deviations from policies.
  • Understanding whether the situations need validation.
  • Assessing risks.
  • The team is spread across the US, from the West Coast to the East Coast. There is no location preference within the US.
Day-to-Day Responsibilities
Work is assigned via:
  • JIRA
  • Sheets
Responsibilities include:
  • User access reviews
  • Interacting with the Internal Audit team
  • Reviews performed by Michael and other team members
After ramp-up:
  • 40% Access Management
  • 60% Change Management
Ideal Candidate Profile/Soft Skills
  • Raises concerns or blockers early.
  • Shows initiative.
  • Is not afraid to ask questions.

Technical Skills
Must Have
  • GitHub / GitLab
  • Access management or code review experience
Nice to Have
  • Python
  • Okta

The strongest candidate Michael previously had was someone with strong Python skills who could:
  • Streamline processes
  • Automate tasks
  • Improve efficiency
  • Respond quickly

Preferred Background
Industry experience in:
  • Banking
  • Technology
  • However, they are open to candidates from all industries.

Contract Details
  • Initial contract: 6 months
  • Potential to extend up to 18 months

Ramp-Up Expectations
  • First 2 weeks: Understand the area and team processes.
  • Within the first 2 months: Perform with approximately 90% accuracy with minimal help.

Ramp-up sequence:
  • Access Management
  • Change Management

Location / Time Zone Considerations
  • Michael prefers candidates who can work 9:00 AM – 5:00 PM US time (CST). Remote US.