Senior Security Analyst - Governance, Risk & Compliance (GRC)

Job description

Job Summary: As a member of the Information Security team, the Senior Security Analyst (GRC) is responsible for governance oversight, enterprise risk management, and compliance activities supporting the Care New England Health System. This role ensures security programs are aligned with regulatory requirements, industry standards, and organizational risk tolerance. Primary areas of responsibility include policy governance, enterprise risk register management, audit coordination, third-party risk oversight, security awareness program management, phishing simulation oversight, and governance-level performance monitoring of security controls and tools. The Senior Security Analyst does not perform direct engineering functions but provides oversight, performance validation, risk analysis, and executive-level reporting to ensure effective security control implementation and regulatory readiness. Requirements: Bachelor’s degree in Information Technology, Cybersecurity, Information Assurance, or related field required. Minimum of five (5) to seven (7) years of IT and/or information security experience, including governance, risk, and compliance responsibilities. CISSP, CISM, IAM, or equiva...