Job Description
ABOUT LVT
LVT is on a mission to make the world safer and more secure through rapidly deployable security hardware that runs on our proprietary SaaS platform. Our enterprise-grade safety and security ecosystem makes it easy to secure essentially any physical environment through intelligent automation and actionable insights. As an industry leader in the IoT space, our systems are deployed in every state and adopted by Fortune 500 enterprise companies who share this vision.
ABOUT THIS ROLE
LVT is actively seeking a highly motivated and detail-oriented Security Analyst (GRC) to join our growing Information Security team. This role will report directly to the GRC Manager. This position is designed for an individual eager to delve deeply into the operational aspects of Governance, Risk, and Compliance, directly supporting LVT's steadfast commitment to security excellence and regulatory adherence as the business continues its innovative scaling.
LVT values managing risk in alignment with our customer's and stakeholder's expected levels. We design, implement, and monitor controls that reduce real risk. The Security Analyst (GRC) will play an instrumental role in driving key operational GRC initiatives. The primary focus of this hands-on position will be the end-to-end management of LVT's SOC 2 audit processes, initiating third-party risk assessments, actively contributing to the policy review and approval lifecycle, and documenting and treating risks in our risk register.
RESPONSIBILITIES
Coordinate and support the annual SOC 2 audit as the primary liaison and facilitator for external auditors.
Manage, monitor, and make appropriate changes to SOC 2 controls.
Facilitate effective communication and coordination with internal SOC 2 control owners.
Proactively assist in identifying, analyzing, and resolving audit concerns or control deficiencies, proposing initial remediation steps.
Document audit outcomes, lessons learned, and recommended improvements post-audit.
Oversee ongoing control testing, including evidence collection and documentation.
Responsible for routine monitoring and continuous compliance activities to ensure the overall effectiveness of the GRC Program.
Identify, scope, and implement routine GRC controls.
Initiate and conduct third party risk assessments by gathering and analyzing vendor documentation, security controls, and other relevant information to identify potential risks.
Contribute to and review LVT's security policies, submitting them for approval, and ensuring alignment with organizational standards.
Maintaining and updating the risk register ensures accurate and timely recording of identified risks and their mitigation statuses.
Demonstrate increasing autonomy in resolving defined issues.
Maintain, monitor, and continuously improve GRC documentation, processes, and tools to ensure accuracy, accessibility, compliance with internal controls, and overall program effectiveness-while supporting scalability and efficiency as the company grows.
QUALIFICATIONS
2 - 4 years of experience with Information Security, GRC or IT Audit roles, demonstrating a growing understanding of GRC concepts and methodologies.
Experience with developing and implementing policies and procedures, assessing and prioritizing risks, and maturing security compliance programs.
Practical experience with SOC 2 audit processes is essential, including proficiency in control testing, evidence collection, and internal coordination.
Familiarity with NIST frameworks (e.g., CSF 2.0, SP 800-53).
Familiarity with conducting third-party risk assessments processes and methodologies.
A foundational understanding of business operations and how security controls impact business functions.
Strong writing skills for tasks such as policy review and approval, developing risk treatment plans, and creating audit documentation and responses for external auditors.
Strong organizational skills and attention to detail for managing documentation, audit evidence, and maintaining accurate GRC records.
Experience working with GRC platforms (e.g., Drata, Vanta, ZenGRC) and project management tools (e.g., Jira, Asana) is a plus.
Effective written and verbal communication skills are necessary for successful collaboration with internal stakeholders and external parties.
Ability to translate complex technical information into clear, concise, and non-technical language for various audiences, from engineers to executive leadership.
Familiarity with leveraging and applying AI tools and technologies to automate routine GRC tasks and improve program efficiency.
A Bachelor's degree in Information Security, Computer Science, Information Technology, Business, or a related field, or equivalent practical experience, is preferred.
Relevant professional certifications such as CompTIA Security+, CISA, or CRISC are highly desirable.
WHY JOIN US Founder-led and employee-driven company
The opportunity to build where you stand
Value centric decision making
Both an economically stable and hyper-growth environment (ask us how this is possible)
The market leader in redefining how B2B does security
On top of the obvious benefit of getting paid to work with great people who are laser-focused on a mission that matters, we also offer the following benefits: Comprehensive health, vision, and dental benefits for you and your family. Including supplemental and life insurance, company-paid HSA contributions, and an Employee Assistance Program (EAP).
401(k) With up to 4% match
Time Off & Paid Holidays - Ask us how we empower employees to take control of their well-being
Stock Options - Every full-time employee has the opportunity to be an owner of the company and benefit from our success.
Paid Parental Leave - To help your growing family while you're away from work.
Company Events - Christmas Party, Summer Party, and other parties to celebrate whenever we can find an excuse.
Charitable Opportunities - LVT sends groups of employees to help the Daybreak Vision Project restore sight to thousands of people a year.
Wellness - We regularly host dentists, chiropractors, financial experts, and other professionals to provide services and seminars to help promote physical, mental, emotional, and financial wellness.
And More - Scholarship opportunities for employees and their dependents, discounted cell services, and opportunities to score tickets to Utah Jazz games and other Delta Center events.
HR Policy
We're an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. All Candidates must pass a drug screening and background check upon employment. Some roles may also require passing a federal background check and fingerprinting. Must be authorized to work in the U.S. LVT Corp
Job Tags
Full time,