Agreeya
Must Have:
Need local consultants only within 30-50 miles with minimum 8 years of experience.
Required GRC tools - SAI360 or RSA Archer or MetricStream or ServiceNow GRC or IBM OpenPages or SAP GRC.
Job Title: GRC Tools Specialist/Analyst
Location: Chandler, AZ (4 days onsite, 1 day remote)
Duration/Type: Contract
Job Description:
The combined role of GRC Tools Specialist and Risk & Vulnerability Analyst will be instrumental in supporting the organization's IT compliance strategy for Infrastructure and Operations by leveraging Governance, Risk, and Compliance (GRC) platforms (primarily SAI360) and project management tools such as Workfront. This position is responsible for evidence gathering, issue management, management action plans (MAPs), audit finding and evidence review, and the creation of infrastructure system documentation. The analyst will prioritize and manage both audit and non-audit issues within Infrastructure and Operations teams, coordinating closely with ERM and 1RCO teams to ensure gaps and requirements are addressed for successful issue and MAP closure. The ideal candidate will demonstrate technical competence, initiative, creativity, and teamwork while collaborating with distributed team members and stakeholders.
Key Responsibilities
- Utilize SAI360 GRC platform and project management tools like Workfront to manage compliance activities, including evidence collection, issue tracking, MAPs, and reporting.
- Coordinate and oversee the gathering of audit evidence from infrastructure systems and maintain organized documentation of findings, while setting clear requirements for evidence needed.
- Manage issues and remediation tasks within the GRC platform, ensuring timely resolution, accurate status tracking, and driving meetings with Infrastructure and Operations teams for weekly updates and priorities.
- Review audit findings and associated evidence for completeness, accuracy, and alignment with regulatory requirements; update and review Workfront dashboards with weekly updates on open issues and MAPs.
- Apply knowledge of COBIT, NIST, CIS, SOX, and COSO frameworks to ensure controls are properly designed, implemented, and documented, including controls testing and documentation.
- Coordinate with 1RCO and ERM teams to understand gaps and requirements, and automate monthly reporting for Issues, MAPs, and IT exceptions for Infrastructure and Operations teams.
- Leverage ServiceNow for incident and change management and collaborate with multiple teams on risk exception procedures.
- Create and maintain clear, concise documentation for infrastructure systems, including user manuals, policy, and procedure information to support compliance, audit, and operational needs.
- Mentor team members, establish practices for quality and consistency, and contribute to the team's capabilities by sharing knowledge and fostering collaboration.
- Report weekly to management on project status, deployment results, and operations, as well as work with stakeholders to achieve business goals and support requirements with appropriate technology solutions.