GRC Analyst

Forward Financing is a Boston-based financial technology company with an operational hub in the Dominican Republic, providing fast, flexible working capital to US small businesses that have been underserved by traditional financing options. Our mission is to build a world-class fintech company that enables our customers and employees to reach their full potential.

We're seeking a highly skilled GRC Analyst to join our team. As a key member of our Governance, Risk, and Compliance (GRC) team, you will play a vital role in developing, implementing, and maintaining our GRC program. This includes creating and maintaining policies and standards, tracking risks, and managing SOC2 audits.

• Develop and implement a comprehensive GRC program that aligns with our strategic objectives and evolving regulatory landscape.
• Collaborate with subject matter experts to create and update policies, standards, and procedures that promote compliance and risk management.
• Design and conduct incident response drills to assess and enhance our preparedness for security incidents.
• Perform comprehensive risk assessments using quantitative models and develop actionable risk mitigation plans.
• Serve as a key point of contact for SOC2 audits, facilitating the audit process and ensuring timely remediation of any identified gaps.
• Establish and manage a robust third-party risk management program, including conducting due diligence, ongoing monitoring, and performance reviews.

• Bachelor's degree in a related field such as information security, computer science, or business administration.
• 5+ years of experience in a GRC role, preferably in a technology-driven or regulated industry.
• Proven experience in creating, implementing, and maintaining policies, standards, and procedures that align with industry frameworks and regulatory requirements.
• Demonstrated ability to design, conduct, and document incident response drills to assess and enhance our preparedness for security incidents.
• Strong analytical skills with experience in performing risk assessments using quantitative models such as FAIR, identifying and evaluating risks, and working with engineers to develop mitigation strategies.
• Hands-on experience in supporting SOC2 audits, including gathering evidence, coordinating with auditors, and addressing findings.
• Proficiency in third-party risk management, including conducting due diligence assessments, monitoring vendor performance, and ensuring compliance with contractual obligations.

We offer a comprehensive benefits package, including medical, dental, vision, and commuter benefits, a flexible time-off policy, paid parental leave, 401k match for US employees, wellness reimbursement, volunteering days, annual professional development budget, and charitable donation match.

At Forward Financing, we value direct communication, candid feedback, and authenticity. We are an open book and believe in financial opportunity for underserved small businesses. We say 'yes' when others say 'no.' We create an environment where caring is cool and helping is the norm. We do the right thing.

We are a 100% employee-owned company with a diverse and driven group of about 450 people, with approximately 200 based in the US, and 250 in the Dominican Republic. Our people are excited about their work, knowing they are helping thousands of small businesses while advancing their own careers.