Principal InfoSec GRC Control Validation Analyst (Governance, Risk & Compliance)

Hybrid
8+ years experience in GRC or IT audit
Proven expertise in NIST CSF or ISO 27001
Experience leading IT audits and risk assessments

Columbia Sportswear is seeking a Principal GRC Control Validation Analyst to join their Information Security team, focusing on validating and testing security controls. The ideal candidate should have over eight years of experience in governance, risk, and compliance (GRC), IT audit, or cybersecurity operations, along with strong leadership and communication skills.

Job Summary

  • This role serves as the most senior member of a small team focused on validating the effectiveness of information security controls across the enterprise.
  • The successful candidate will plan, lead, and execute control validation activities across domains such as access management, vulnerability management, and incident response.
  • You will mentor junior analysts, document control issues, and collaborate with stakeholders to develop remediation recommendations while preparing risk reports for governance committees.

Skills & Requirements

Must-have

  • 8+ years experience in GRC or IT audit
  • Proven expertise in NIST CSF or ISO 27001
  • Experience leading IT audits and risk assessments
  • Hands-on control validation and testing execution

Nice-to-have

  • Mentoring and developing junior team members
  • Influencing GRC program evolution through automation
  • Effective communication of technical risks to management
  • Passion for continuous improvement in security controls

Key Requirements

  • Bachelor's degree in cybersecurity or business information systems
  • Security certifications (CISSP, CISA, CRISC, Sec+, CC) preferred
  • Minimum 8 years of experience in GRC, IT audit, or cybersecurity
  • Experience within mid-size to large corporate environments

Work Rights

Not specified
