GRC Risk & Security Analyst

GRC Risk & Security Analyst

About Us

DailyPay is transforming the way people get paid. As a worktech company and the industry’s leading on demand pay solution, DailyPay uses an award-winning technology platform to help America’s top employers build stronger relationships with their employees. This voluntary employee benefit enables workers everywhere to feel more motivated to work harder and stay longer on the job while supporting their financial well-being outside of the workplace. DailyPay is headquartered in New York City, with operations throughout the United States as well as in Belfast. For more information, visit DailyPay's Press Center.

The Role

The GRC Security Analyst is responsible for assessing, analyzing, and mitigating risks associated with the organization's information security posture. This role will play a crucial part in ensuring compliance with regulatory requirements and protecting sensitive data — both internally and across the third-party ecosystem. This includes evaluating the security posture of vendors and partners that DailyPay relies on, as well as supporting customers and partners when they assess DailyPay as part of their own vendor due diligence processes.

Key Responsibilities

• Analyze access privileges, segregation of duties, and other control mechanisms to identify potential risks
• Conduct regular risk assessments to identify and evaluate potential threats and vulnerabilities
• Analyze security controls, policies, and procedures to identify gaps and weaknesses
• Develop risk matrices and prioritize risks based on likelihood and impact
• Perform third-party vendor risk assessments to evaluate the security posture of new and existing vendors, ensuring they meet DailyPay's security and compliance standards
• Lead and support DailyPay's third-party risk assessment program, including initial onboarding assessments, periodic reviews, and offboarding processes