Job OverviewWe’re looking for an experienced and strategic Principal GRC Security Analyst to help lead our Governance, Risk, and Compliance efforts. In this role, you’ll work cross-functionally to drive security initiatives, support compliance frameworks, and partner with both internal teams and external customers to ensure trust, transparency, and operational excellence.
About UsWhen you join iCIMS, you join the team helping global companies transform business and the world through the power of talent. Our customers do amazing things: design rocket ships, create vaccines, deliver consumer goods globally, overnight, with a smile. As the Talent Cloud company, we empower these organizations to attract, engage, hire, and advance the right talent. We’re passionate about helping companies build a diverse, winning workforce and about building our home team. We're dedicated to fostering an inclusive, purpose-driven, and innovative work environment where everyone belongs.
Responsibilities- Assist in identifying and tracking information security risks, assessing their impact, and monitoring the execution of mitigation plans in alignment with established security policies and controls.
- Manage internal risk assessments.
- Support Sales and Customer Success by responding to security questionnaires and speaking to technical controls
- Track and report on GRC metrics, KPIs, and audit remediation activities
- Collaborate with Product, Development, Engineering, and Legal to embed security practices company-wide
- Assist in updating, maintaining and maturing security policies, awareness campaigns, and disaster recovery planning Develop and define associated metrics to allow clear visibility into iCIMS governance, risk, and compliance status.
- Provide leadership and act as key stakeholder of regulatory and compliance initiatives (e.g. ISO 27001, SOC 2, GDPR, Tx-RAMP, etc.). Participate in associated audits as necessary.
- Develop Key Performance Indicators (KPI) and Key Risk Indicators (KRI) to ensure compliance-related controls are operating to an acceptable tolerance level.
- Strong understanding of security tools to support the execution of Security Control Assessments and evaluate control effectiveness.
- Lead security compliance efforts across ISO 27001, SOC 2, GDPR, and other frameworks
- Develop and define associated metrics to allow clear visibility into iCIMS governance, risk, and compliance status.
- Provide strategic guidance and insights to strengthen and mature the Governance, Risk, and Compliance (GRC) program.
Qualifications- 5+ years in GRC, risk, or information security roles
- Strong knowledge of frameworks like ISO 27001, NIST, SOC 2, GDPR, and risk assessment methodologies
- Knowledge of risk management processes and frameworks (e.g., methods for assessing and mitigating risk).
- Experience in SaaS environments and cloud platforms such as AWS or Azure
- Excellent communication skills, including comfort engaging with customers, executives, and auditors
- Demonstrated success driving compliance projects and risk management programs
- A self-starter with the demonstrated ability to take initiative, who can proactively identify issues/opportunities and recommend actions
- Demonstrated ability to advance and mature GRC programs through collaboration with enterprise-level stakeholders.
- Familiar with and able to apply generally accepted security methods, concepts and techniques, including an understanding of networks, operating systems, cloud operations and associated technologies and services.
- Understanding of privacy standards, PII protection, and third-party risk management
Preferred- Prior experience with cloud-based security tools, technologies, and controls (e.g., Amazon AWS, Azure, Google Cloud).
- CISSP, CISA, CRISC, CISM or similar security/GRC focused certifications.
EEO StatementiCIMS is a place where everyone belongs. We celebrate diversity and are committed to creating an inclusive environment for all employees. Our approach helps us to build a winning team that represents a variety of backgrounds, perspectives, and abilities. So, regardless of how your diversity expresses itself, you can find a home here at iCIMS. We are proud to be an equal opportunity and affirmative action employer. We prohibit discrimination and harassment of any kind based on race, color, religion, national origin, sex (including pregnancy), sexual orientation, gender identity, gender expression, age, veteran status, genetic information, disability, or other applicable legally protected characteristics. If you’d like to view a copy of the company’s affirmative action plan or policy statement and/or if you would like to request an accommodation due to a disability, please contact us at careers@icims.com.
Compensation and BenefitsWe accept applications for this position on an ongoing basis until the position is filled. Applications will be reviewed as they are received, and qualified candidates may be contacted throughout the posting period.
The anticipated base pay range for this position is $120,000-145,000 annually. Final compensation will be based on factors such as relevant experience, skills, education, internal equity, and market data. This range aligns with our commitment to equitable and transparent compensation practices, as required by applicable law.
Competitive health and wellness benefits include medical, dental, vision, 401(k), dependent care, short term and long-term disability, life and AD&D insurance, bonding and parental leave, mindfulness resources, an open vacation policy, sick days, paid holidays, quiet hours each workday, and tuition reimbursement. Benefits and eligibility may vary by location, role, and tenure. Learn more here: https://careers.icims.com/benefits.
