Principal Infosec GRC Control Validation Analyst (Governance, Risk & Compliance)

Columbia Sportswear

Hybrid
8+ years GRC or IT audit experience
Lead IT control testing teams
ISO 27001 SOC2 NIST audit expertise
Columbia Sportswear is seeking a Principal Infosec GRC Control Validation Analyst to lead the validation and testing of information security controls within its Digital Technology organization. The ideal candidate should have at least eight years of experience in governance, risk, and compliance (GRC) or IT audit, along with a passion for mentoring and improving security processes.

Job Summary

  • This role serves as the most senior member of a small team focused on validating the effectiveness of information security controls across the enterprise.
  • The successful candidate will plan, lead, and execute security control validation activities while mentoring junior analysts to foster a culture of accountability.
  • You will influence the evolution of the information security GRC program by maturing tools, automation, processes, and metrics.

Skills & Requirements

Must-have

  • 8+ years GRC or IT audit experience
  • Lead IT control testing teams
  • ISO 27001 SOC2 NIST audit expertise
  • Security control validation methodologies
  • Risk assessment and remediation planning

Nice-to-have

  • Mentoring junior analysts
  • Continuous improvement culture
  • Influencing GRC program evolution
  • Pragmatic risk solutioning
  • Effective stakeholder communication

Key Requirements

  • Bachelor's degree in cybersecurity or business information systems
  • CISSP, CISA, CRISC, Sec+, or CC certification preferred
  • Minimum 8 years experience in GRC, IT audit, or cybersecurity
  • Proven leadership of audit testing teams for ISO 27001, SOC2, or NIST

Work Rights

Not specified
