A large enterprise organization is seeking a GRC Analyst to support a high-visibility security initiative in a onsite role based in downtown Phoenix, AZ. This is a contract position focused on governance, risk, and compliance activities across technology projects, with exposure to security frameworks, audit processes, and enterprise risk management tools such as ServiceNow, Azure DevOps, Jira, and SharePoint.
This is an excellent opportunity for someone who thrives in structured environments and enjoys bringing order to complex security processes. The key value of this role is ownership of the risk register and approval lifecycle - you'll be the central point ensuring risks, decisions, documentation, and approvals are clearly tracked and audit-ready. If you're looking to deepen your GRC experience while working closely with security architects, engineering teams, and stakeholders across a large organization, this role offers strong exposure to enterprise-scale governance practices and real-world security decision-making.
Contract Duration: 12 - 24 Months
Required Skills & Experience - Experience supporting governance, risk, compliance, audit readiness, security documentation, risk management, or approval tracking for technology projects
- Ability to maintain a project risk register with clear risk descriptions, owners, impacts, likelihood, mitigation plans, residual risk, decisions, and status updates
- Working knowledge of security governance and risk management concepts, including control mapping, risk acceptance, evidence collection, approval workflows, and issue remediation tracking
- Familiarity with security frameworks such as NIST Cybersecurity Framework, NIST SP 800-53, CIS Controls, ISO 27001, or equivalent
- Ability to understand technical project context well enough to accurately document risks, controls, approvals, dependencies, and evidence requirements
- Strong documentation discipline, attention to detail, follow-up skills, and ability to keep records audit-ready
- Proficiency with Microsoft Office, Excel, SharePoint, Teams, and tools such as ServiceNow, Azure DevOps, Jira, Archer, or OneTrust
- Ability to coordinate across security, architecture, engineering, project delivery, compliance, operations, and stakeholder groups
- Strong written communication skills and ability to clearly summarize risk and approval status
Desired Skills & Experience - Security+, CGRC, CISA, CRISC, CISM, or similar certifications
- Experience supporting public sector, regulated, or high-governance environments
- Experience with authorization, exception, risk acceptance, audit, or compliance evidence processes
- Experience building dashboards, trackers, approval matrices, or evidence repositories
- Familiarity with Azure cloud, infrastructure delivery, DevOps, and security review processes
What You Will Be Doing Tech Breakdown
- 50% GRC Platforms and Documentation
- 30% Security Frameworks and Risk Management
- 20% Collaboration and Reporting Tools
Daily Responsibilities
- 60% Risk and Compliance Tracking
- 15% Process Coordination and Follow-Ups
- 25% Cross-Team Collaboration
Never miss an opportunity! Create an alert based on the job you applied for.
