Senior GRC Analyst, Hybrid TX

We’re thrilled that you are interested in joining us here at the Amynta Group!

The Senior GRC Analyst is an experienced individual contributor within the IT Security function responsible for advancing Amynta’s governance, risk management, and compliance (GRC) program. This role independently executes information security risk assessments, control oversight, and support for regulatory, audit, and customer assurance requirements.

Hybrid schedule with 3 days in our Fort Worth, TX office on a set schedule.

• Independently assess, analyze, and document information security risks across systems, applications, and technology-enabled processes using a risk-based approach.
• Support and maintain the information security governance framework, including policies, standards, procedures, and control documentation.
• Assess the design and operating effectiveness of security controls and provide risk-based recommendations to Information Security leadership.
• Monitor and report on adherence to internal security policies and applicable regulatory and contractual requirements.
• Identify, track, and report control deficiencies and policy violations; partner with stakeholders to drive corrective actions.
• Support internal and external audits, regulatory examinations, and customer assurance activities, including evidence coordination, audit responses, and remediation tracking.
• Provide governance and coordination support for SOC 2 Type 2 assurance activities, including control readiness, internal testing, and auditor engagement.
• Develop and maintain a centralized security knowledge base to streamline customer, partner, and due‑diligence responses.
• Execute security awareness and training activities, including platform administration and phishing simulations.
• Partner with IT, Legal, and business stakeholders to ensure security requirements are understood and incorporated into relevant processes.
• Support the development and implementation of the IT vendor risk management program, including third‑party risk assessments and vendor risk tracking.
• Contribute to continuous improvement of GRC processes, tooling, and reporting.
• Perform other duties consistent with the scope of the role.

• Must reside within a reasonable commuting distance of the Fort Worth office.
• Bachelor’s degree in Information Systems, Information Security, Risk Management, Cybersecurity, or a related discipline; equivalent practical experience may be considered.
• 4–7 years of progressively responsible experience in information security, governance, risk and compliance (GRC), risk management, compliance, audit, or related IT security functions.
• Proven experience supporting security, IT, or compliance audits (e.g., SOC, ISO, internal audit, regulatory examinations), including audit readiness, evidence collection, and remediation tracking.
• Experience assessing information security risks, evaluating control effectiveness, and identifying compliance gaps.
• Working knowledge of common security frameworks and regulatory standards such as NIST, ISO 27001, SOC, NYDFS Part 500, PCI‑DSS, or similar frameworks.
• Strong analytical, problem‑solving, and organizational skills with the ability to manage multiple priorities independently.
• Ability to communicate technical security concepts clearly to non‑technical stakeholders and business leaders.
• Excellent written and verbal communication skills, including clear and concise documentation.
• Ability to work independently in a fast‑paced environment with strong attention to detail.
• Sound professional judgment and discretion when handling sensitive or confidential information.
• Collaborative mindset with the ability to influence cross‑functional stakeholders without direct authority.
• Professional certifications such as CISA, CRISC, CISSP, or ISO 27001 are preferred, but not required.
• Legally authorized to work in the United States without current or future employer sponsorship.

The Amynta Group (the “Company”) is committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee on the basis of any ground of discrimination protected by…