Genesys empowers organizations of all sizes to improve loyalty and business outcomes by creating the best experiences for their customers and employees. Through Genesys Cloud, the AI-powered Experience Orchestration platform, organizations can accelerate growth by delivering empathetic, personalized experiences at scale to drive customer loyalty, workforce engagement, efficiency and operational improvements.
We employ more than 6,000 people across the globe who embrace empathy and cultivate collaboration to succeed. And, while we offer great benefits and perks like larger tech companies, our employees have the independence to make a larger impact on the company and take ownership of their work. Join the team and create the future of customer experience together.
The Information Security Governance, Risk & Compliance Analyst will play a key role as part of a group of Information Security Compliance professionals responsible for operational services related to the Information Security Compliance program, facilitating Governance, Risk, & Compliance activities related to various compliance and regulatory requirements, and working with cross-functional teams throughout the company and audit/assurance services for the implementation of security controls.
The InfoSec GRC Analyst will report to the Director of Information Security, Governance, Risk & Compliance and participate as a key member of the Information Security & Compliance Team.
Responsibilities:
- Assist in managing a compliance program for a portfolio of internal/external audits & certifications, ensuring documented and sustainable compliance practices across the company.
- Assist with the implementation and direction of compliance processes to automate and continuously monitor information security controls, exceptions, risks, testing, and evidence artifacts. Develops reporting metrics and dashboards.
- Assists control owners in defining responsibilities and control standards for regulatory and compliance goals – including but not limited to the following audits and certifications: SOX, PCI, HIPAA, SOC1/2, FED RAMP, HITRUST, ISO 27001/27017/27018, Cyber Essentials, etc.
- Map and maintain common controls framework and control scope/applicability for a portfolio of compliance initiatives and information security policies.
- Assists in the establishment of an Information Security GRC Center of Excellence by providing audit and assurance services to support a portfolio of compliance projects. Provide compliance subject matter expertise and advisory services to stakeholders/control owners.
- Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares stakeholders' reports to track remediation activities. Evaluate & report any security/compliance risks to track as part of the company risk register. Consults on developing security standards, procedures, and controls to manage risks.
- Gather requirements guide assigned controls within the centralized GRC tool & audit/certification document repository to care for compliance program information across the company. Work with business unit/product level compliance teams to strengthen and align to a shared company compliance plan and organization approach/methodologies to ensure streamlined, lean, effective, and agile processes.
- Provides dashboards and reports based on regular assessments and testing of the effectiveness and efficiency of controls.
- Perform operational activities related to the compliance program and escalate deviations when needed.
- Perform audit services including risk and gap assessments to business units as needed.
- Provide input on responses for company-wide compliance-related customer/partner/third-party requests.
- Practice Agile methodologies and promote/strengthen automation across all initiatives to promote a higher level of work quality and act as a model for others to emulate.
Qualifications:
- Bachelor's Degree in Computer Science or equivalent field of study
- 5+ years of experience working with applicable information security management, governance, and compliance principles, practices, laws, rules, and regulations
- 5+ years of experience in Information systems auditing, monitoring, controlling, and assessment process
- Demonstrate flexibility to work consistently between 8 am and 5 pm EST (6.30 PM IST to 3.30 AM IST)
- Proficiency in Risk assessment and direction methodology
- Proficiency in working with recognized IT Security-related standards and technologies.
- Ability to function effectively within cross-functional and interdisciplinary teams to achieve tactical and strategic goals. This is a highly responsible position that requires both quantitative and interpersonal skills.
- Demonstrated project management, organizational, and facilitation skills.
- Excellent communication and presentation skills. Demonstrated ability to serve as an effective member of the InfoSec GRC team and ability to communicate security-related concepts to a broad range of technical and non-technical management and staff.
- High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
- ISO LA, PCI QSA, CISSP, CISM, CISA, ITIL, or GIAC certifications desired.
#LI-Remote
#LI-GR1
If a Genesys employee referred you, please use the link they sent you to apply.
About Genesys:
Genesys® empowers more than 8,000 organizations worldwide to create the best customer and employee experiences. With agentic AI at its core, Genesys Cloud™ is the AI-Powered Experience Orchestration platform that connects people, systems, data and AI across the enterprise. As a result, organizations can drive customer loyalty, growth and retention while increasing operational efficiency and teamwork across human and AI workforces. To learn more, visit www.genesys.com.
Reasonable Accommodations:
If you require a reasonable accommodation to complete any part of the application process, or are limited in your ability to access or use this online application and need an alternative method for applying, you or someone you know may contact us at reasonable.accommodations@genesys.com.
You can expect a response within 24–48 hours. To help us provide the best support, click the email link above to open a pre-filled message and complete the requested information before sending. If you have any questions, please include them in your email.
This email is intended to support job seekers requesting accommodations. Messages unrelated to accommodation—such as application follow-ups or resume submissions—may not receive a response.
Genesys is an equal opportunity employer committed to fairness in the workplace. We evaluate qualified applicants without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, marital status, domestic partner status, national origin, genetics, disability, military and veteran status, and other protected characteristics.
Please note that recruiters will never ask for sensitive personal or financial information during the application phase.