Job Description
Bet you thought we were a dental technology company, didn't you?
Surprise - We have nothing to do with the Dental Industry!
Smiley Technologies stands as a leading provider of core banking software, offering a distinctive and comprehensive core banking software and services solution tailored for community banks and financial institutions. At the heart of our mission is the delivery of exceptional customer service coupled with advanced technologies. We understand that service is as valuable as the product itself.
Are you someone who embodies the values of collaboration, optimism, respect, empathy, integrity, and service? Smiley Technologies, a thriving and profitable service business, invites you to be a key player in our success story!
Check Out Our Video About Smiley
https://app.paylocity.com/videos/external/view/kpZPK9L7imaT
Join Our Team as a Governance, Risk, and Compliance (GRC) Analyst at Smiley Technologies
Smiley Technologies is on the lookout for a dynamic and talented Governance, Risk, and Compliance (GRC) Analyst to play a vital role in supporting our cybersecurity, compliance, risk, and GRC program initiatives. If you're passionate about shaping the security landscape and thrive in a collaborative environment, this is the opportunity for you!
Responsibilities:
As a GRC Analyst with us, you will:
- Assess and evaluate the adequacy of security/IT controls for Smiley's environment and business objectives.
- Develop policies, procedures, and processes based on audit findings and compliance framework requirements.
- Crosswalk controls across multiple security compliance frameworks and regulations to foster adoption and identify gaps.
- Advise and develop security standards, guidelines, and controls based on best practices and compliance frameworks.
- Translate security analyses, audit results, and compliance guidance into clear, actionable language.
- Analyze and suggest improvements for security/IT controls in both design and operation effectiveness.
- Develop risk registers, ideally aligned to controls, and execute basic risk assessment and management practices.
- Perform assessments (risk and/or compliance) to establish a baseline for creating or expanding a security program.
- Develop plans and tracking for non-compliance with applicable controls, monitoring remediation progress against agreed-upon timelines.
- Work with various GRC tools.
- Evaluate new and existing technologies for compliance with information governance controls.
If you're ready to contribute to a cutting-edge cybersecurity program and make a real impact, we invite you to apply and be part of the Smiley Technologies family!
Required Education and Experience:
- Bachelor or Graduate degree in cybersecurity, information systems, or a related field.
- 3-5 years of experience in a cybersecurity, audit, risk, compliance, or GRC role.
- Working knowledge of common security and privacy frameworks and regulations (e.g., CIS, SOC 2, GLBA, PCI DSS).
- Knowledge of risk management practices and Risk-based thinking for prioritization.
- Experience responding to, analyzing, and communicating security and IT-related practices and controls.
- Preference given to those with security or risk management certifications.
Required Knowledge, Skills, and Abilities:
- Self-motivated.
- Understanding of audit processes and requirements.
- Excellent communication skills, both verbal and written.
- Excellent technical documentation skills.
- Excellent interpersonal skills to interact with clients face-to-face and over the phone.
- Ability to work independently and as part of a team.
- Acts professionally with a passion for assisting others and problem-solving.
Preferred Qualifications:
- Understanding of the banking and financial services industry is a plus.