GRC Coordinator

Key Responsibilities

• Maintain and update all ISMS documents, policies, procedures, and SOPs.
• Ensure documentation meets ISO 27001 and HIPAA requirements.
• Track and maintain evidence logs, audit files, and version control.
• Plan and perform internal audits for ISO 27001 and HIPAA.
• Assist SOC during internal and external compliance assessments.
• Support external certification audits with auditors and stakeholders.
• Maintain the Risk Register and coordinate with risk owners.
• Work with SOC Manager to ensure SOC controls align with ISO/HIPAA.
• Participate in post-incident reviews from a compliance perspective.
• Support cybersecurity awareness and HIPAA training programs.
• Maintain records of employee training for compliance purposes.
• Assist in vendor due diligence, risk assessments, and security questionnaires.
• Maintain vendor compliance documentation (e.g., HIPAA BAA, security clauses).
• Prepare monthly compliance dashboards for management.
• Escalate non-compliance issues or deviations to leadership.

Job Type: Full-time

Application Question(s):

• • ISO 27001 Lead Auditor or Implementer (Mandatory)

Education:

• Bachelor's (Preferred)

Experience:

• 3years: 1 year (Preferred)

Work Location: In person