Senior GRC Analyst, Hybrid TX

We're thrilled that you are interested in joining us here at the Amynta Group! The Senior GRC Analyst is an experienced individual contributor within the IT Security function responsible for advancing Amynta's governance, risk management, and compliance (GRC) program. This role independently executes information security risk assessments, control oversight, and support for regulatory, audit, and customer assurance requirements. Hybrid schedule with 3 days in Fort Worth, TX office on a set schedule. What You Will Do Independently assess, analyze, and document information security risks across systems, applications, and technology‑enabled processes using a risk‑based approach. Support and maintain the information security governance framework, including policies, standards, procedures, and control documentation. Assess the design and operating effectiveness of security controls and provide risk‑based recommendations to Information Security leadership. Monitor and report on adherence to internal security policies and applicable regulatory and contractual requirements. Identify, track, and report control deficiencies and policy violations; partner with stakeholders to drive corrective actions. Support internal and external audits, regulatory examinations, and customer assurance activities, including evidence coordination, audit responses, and remediation tracking. Provide governance and coordination support for SOC 2 Type 2 assurance activities, including control readiness, internal testing, and auditor engagement. Develop and maintain a centralized security knowledge base to streamline customer, partner, and due‑diligence responses. Execute security awareness and training activities, including platform administration and phishing simulations. Partner with IT, Legal, and business stakeholders to ensure security requirements are understood and incorporated into relevant processes. Support the development and implementation of the IT vendor risk management program, including third‑party risk assessments and vendor risk tracking. Contribute to continuous improvement of GRC processes, tooling, and reporting. Perform other duties consistent with the scope of the role. About You Must reside within a reasonable commuting distance of the Fort Worth office. Bachelor's degree in Information Systems, Information Security, Risk Management, Cybersecurity, or a related discipline; equivalent practical experience may be considered. 4-7 years of progressively responsible experience in information security, governance, risk and compliance (GRC), risk management, compliance, audit, or related IT security functions. Proven experience supporting security, IT, or compliance audits (e.g., SOC, ISO, internal audit, regulatory examinations), including audit readiness, evidence collection, and remediation tracking. Experience assessing information security risks, evaluating control effectiveness, and identifying compliance gaps. Working knowledge of common security frameworks and regulatory standards such as

NIST, ISO 27001, SOC, NYDFS

Part 500, PCI-DSS, or similar frameworks. Strong analytical, problem-solving, and organizational skills with the ability to manage multiple priorities independently. Ability to communicate technical security concepts clearly to non-technical stakeholders and business leaders. Excellent written and verbal communication skills, including clear and concise documentation. Ability to work independently in a fast-paced environment with strong attention to detail. Sound professional judgment and discretion when handling sensitive or confidential information. Collaborative mindset with the ability to influence cross-functional stakeholders without direct authority. Professional certifications such as CISA, CRISC, CISSP, or

ISO 27001

are preferred, but not required. Legally authorized to work in the United States without current or future employer sponsorship. The Amynta Group (the "Company") is committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee on the basis of any ground of discrimination protected by applicable human rights legislation. The information collected is solely used to determine suitability for employment, verify identity and maintain employment statistics on applicants. Applicants with disabilities may be entitled to reasonable accommodation throughout the recruitment process in accordance with applicable human rights and accessibility legislation. A reasonable accommodation is an adjustment to processes, procedures, methods of conveying information and/or the physical environment, which may include the provision of additional support, in order to remove barriers a candidate may face during recruitment such that each candidate has an equal employment opportunity. The Company will accommodate a candidate to the point of undue hardship. Please inform the Company's personnel representative if you require any accommodation in the application process. About Us Amynta Group is a premier insurance services company with more than $3.5 billion in managed premium and 2,000 associates across North America, Europe, and Australia. An independent, customer-centered and underwriting-focused company, Amynta serves leading carriers, wholesalers, retail agencies, auto dealers, OEMs, and consumer product retailers with innovative insurance and warranty protection solutions.

Amynta operates through three segments:

Managing General Agencies; Warranty, including automotive, consumer and specialty equipment; and Specialty Risk Services. For more information, visit amyntagroup.com. Benefits This link leads to the machine readable files that are made available in response to the federal Transparency in Coverage Rule and includes negotiated service rates and out-of-network allowed amounts between health plans and healthcare providers. The machine-readable files are formatted to allow researchers, regulators, and application developers to more easily access and analyze data.

https:

//cigna.com/legal/compliance/machine-readable-files