GRC Analyst
@ Direct Travel

Hybrid

$90,000

Hybrid

Full Time

Posted 4 days ago

Your Application Journey

Interview

Email Hiring Manager

XXXXXXXXXX XXXXXXXXX XXXXXXXX******* @directtravel.com

Recommended after applying

Job Details

About the GRC Analyst Role

The GRC Analyst will join the Security and Compliance team at Direct Travel to manage security & compliance risk. You will collaborate with internal teams and external partners, ensuring governance, risk management, and compliance through audits and process improvement.

Key Responsibilities

Conduct audits of internal information security, compliance, and privacy processes.
Ensure timely resolution of audit and risk assessment findings.
Manage the OneTrust GRC reporting portal.
Communicate audit reports, gaps, and recommendations to management.
Identify and deploy technologies and processes to improve security posture.
Develop security standards, access controls, and compliance requirements.
Serve as a subject matter expert on information security and compliance policies.
Maintain awareness of current and emerging threat landscapes.
Report security & compliance metrics to management.
Support additional audit and governance functions as assigned.

Qualifications & Experience

1-3 years experience in IT, security, or compliance analyst roles.
Experience with SSAE18, SOC 2, PCI ROC, and/or ISO 27001 audits.
Knowledge of ISO 27001, NIST 800-53, NIST 800-171, and NIST CSF frameworks.
Experience in authoring policies and procedures.
Strong analytical, stakeholder engagement, and communication skills.
Ability to work remotely with self-motivation and discipline.
Degree in computer science, information systems, information security or related discipline (or equivalent experience).
Must be able to lawfully work in the US with unrestricted work authorization.
Willingness to travel up to 15% if required.

Key Skills/Competency

compliance
risk
governance
audit
ISO27001
SOC2
PCI
NIST
security
OneTrust

Additional Information

This is a remote eligible role reporting to the Senior Director of Governance, Risk & Compliance. The position provides an opportunity to grow into a role with increasing responsibility while working with senior management and IT staff alike.

Apply without a personalized resume

How to Get Hired at Direct Travel

🎯 Tips for Getting Hired

Research Direct Travel's culture: Learn about their mission and industry news.
Customize your resume: Highlight compliance and audit successes.
Prepare for interviews: Focus on risk, governance, and security.
Showcase relevant certifications: Emphasize ISO and SOC expertise.

📝 Interview Preparation Advice

Technical Preparation

Review ISO 27001 and SOC 2 audit processes.

Study NIST frameworks and compliance policies.

Familiarize with OneTrust GRC portal operations.

Refine technical security and audit documentation skills.

Behavioral Questions

Describe a time you resolved audit findings.

Explain collaboration with technical and nontechnical teams.

Discuss handling pressure during compliance audits.

Share an example of proactive risk management.

Ready to optimize your application for Direct Travel?

Our Al will adapt your resume for Direct Travel's hiring patterns and similar GRC Analyst roles.

Frequently Asked Questions

What key certifications does Direct Travel expect for a GRC Analyst?

How important is remote work experience for the GRC Analyst role at Direct Travel?

What audit experience is required for the GRC Analyst position at Direct Travel?