Principal GRC Analyst (USA REMOTE)

  • Full-time

Company Description

MUST BE U.S. BASED (CST or EST)

100% REMOTE

When you join Turnitin, you'll be welcomed into a company that is a recognized innovator in the global education space. For more than 20 years, Turnitin has partnered with educational institutions to promote honesty, consistency, and fairness across all subject areas and assessment types. Over 16,000 academic institutions, publishers, and corporations use our services: Gradescope by Turnitin, iThenticate, Turnitin Feedback Studio, Turnitin Originality, Turnitin Similarity, ExamSoft, and ProctorExam.

Turnitin has offices in Australia, India, Indonesia, Japan, Korea, Mexico, the Netherlands, the Philippines, Ukraine, the United Kingdom, and the United States. Our diverse community of colleagues are all unified by a shared desire to make a difference in education. Come join us, and let's make change together.

Job Description

We are looking for someone who brings strong analytical ability, attention to detail, effective communication, compliance experience and the willingness to continuously learn. This role requires hands-on work, critical thinking and the ability to find new solutions for compliance. The role reports to the Sr. Director of Security and Compliance.

As the Principal GRC Analyst your duties and responsibilities will include:

  • Managing relationships with StateRAMP advisors, 3PAOs and state PMOs
  • Driving the gap analysis, remediation planning, SSP creation and the StateRAMP authorization processes
  • Guiding strategic partners, product teams, managers, and system owners in the maintenance of effective and appropriate risk management and compliance activities
  • Regularly guiding Turnitin through the process of continuous monitoring and maintenance of the Plan of Action and Milestones (POA&M)
  • Managing the preparation and audit activities required to maintain our SOC 2 Type 2
  • Serving as a mentor and team lead for junior GRC analysts
  • Defining, collecting, and reporting compliance metrics

Qualifications

  • 5+ years of relevant work experience in governance, risk and compliance
  • 2+ years of experience in implementing security controls following NIST 800-53
  • One or more industry-recognized IS certifications (such as CISSP, CISA/CISM, GIAC, CRISC, or CCSP) is preferred
  • Highly proficient with the NIST Risk Management Framework
  • Demonstrable experience with *RAMP and POA&M
  • Knowledge and experience with SOC 2, ISO 27001, and NIST frameworks
  • Experience with AWS architectures and security controls
  • Capable of understanding, assessing, and applying IT risk management disciplines in support of business lines and overall function
  • Ability to develop and present recommendations and solutions to effectively manage risk and compliance with security standards
  • Familiar with agile software development methodologies
  • Experience executing projects/programs that span multiple organizations and business units
  • Experience managing risk assessment, identification, and remediation activities
  • Proven ability to identify and drive opportunities for continuous improvement 

 

Additional Information

No agency submissions 

Turnitin, LLC is committed to the policy that all persons have equal access to its programs, facilities and employment without regard to race, color, ancestry, national origin, age, gender, sexual orientation, gender identity, religion, creed, disability, medical condition, genetic information, marital or veteran status.
