IT Risk and Compliance Analyst - Mid-Level

job summary:

The IT Risk & Compliance Governance Contractor is an experienced individual contributor who will support the IT Risk & Compliance Governance team by executing defined governance, risk, and compliance activities and delivering agreed-upon outputs on time and with high quality.

location: Telecommute

job type: Contract

salary: $60.42 - 70.42 per hour

work hours: 8am to 5pm

education: Bachelors



responsibilities:

Execution & Delivery

- Independently perform and support IT governance, risk, and compliance processes and services to ensure timely, accurate, and high?quality delivery.

- Handle daily execution of assigned processes and services, identifying and resolving most tactical challenges with guidance as needed.

- Develop and maintain reports, metrics, and presentations; deliver content within a defined scope and audience.

- Contribute to the creation and modification of internal Risk and Compliance process documentation.

Governance, Risk & Compliance Support

- Support the implementation and operation of IT governance policies, standards, and procedures.

- Apply risk and compliance frameworks (e.g., ISO, NIST, COSO, PCI) to assigned activities with guidance from senior team members.

- Identify control gaps, inefficiencies, and improvement opportunities within existing processes.

Stakeholder Engagement

- Communicate effectively with the engagement lead, team members, and process stakeholders to confirm requirements, timelines, and acceptance criteria.

- Participate in cross?functional discussions to understand needs, clarify scope, and align on deliverables.

- Establish and maintain productive working relationships within IT and across the business to support timely delivery.

Continuous Improvement & Tools

- Actively identify improvements to processes and lead assigned improvement activities with oversight.

- Support the use and administration of GRC tools (ServiceNow) and platforms to drive efficiency and consistency.

- Stay current on IT risk, compliance, and cybersecurity concepts, trends, and best practices.

qualifications:

- 5-10 years of experience in IT risk, compliance, audit, or a related discipline

- Working knowledge of IT governance, risk management, and compliance concepts.

- Experience using ServiceNow Integrated Risk Management (IRM).

- Familiarity with common frameworks and standards (e.g., ISO, NIST, COSO, PCI DSS) and how to apply them to controls/evidence.

- Ability to handle assigned work independently, communicate status, and call out risks/issues early.

- Strong written and verbal communication skills, including drafting clear control narratives and audit-ready responses.

- Proficiency with common productivity tools (e.g., Excel, PowerPoint) and producing reports/metrics within a defined scope.

- Ability to collaborate effectively in a team?based, matrixed environment while operating as an independent contributor.

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.


It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.