GRC Data Security Analyst

Overview

On Site
Hybrid
Depends on Experience
Contract - W2

Skills

GRC
Diligent
Texas Cybersecurity Framework (TCF)
NIST Cybersecurity Framework (CSF) 2.0
HIPAA Security Rule
ISO 27001
CIS Controls
Governance
Risk
Compliance
CISA
CRISC
CISSP
CGRC

Job Details

General Description:

Performs advanced information security analysis work for the Information Security Office within the Information Systems Division. We are seeking a detail-oriented and experienced Governance, Risk, and Compliance (GRC) Analyst to join our cybersecurity team. This role will focus on implementing and managing self-assessment projects within our GRC platform, with a strong emphasis on regulatory frameworks and stakeholder engagement.

Functional responsibilities:

  • Design, configure, and manage self-assessment projects within GRC tools (preferably Diligent).
  • Ensure assessments include automated notifications and task assignments to appropriate personnel.
  • Interpret and apply regulatory and industry frameworks including:
      • Texas Cybersecurity Framework (TCF)
      • NIST Cybersecurity Framework (CSF) 2.0
      • HIPAA Security Rule
      • Other relevant standards (e.g., ISO 27001, CIS Controls).
  • Collaborate with stakeholders to gather evidence, track remediation, and report on compliance posture.
  • Support internal audits and risk assessments.
  • Maintain documentation and ensure continuous improvement of GRC processes.

 

Other requirements:

  • Attends work regularly.
  • Must dress appropriately for a business environment.
  • Communicates respectfully and works harmoniously with all co-workers, customers and vendors.
  • Provides exceptional customer service.
  • Is flexible; able to work under pressure; able to adapt to change; and able to work on multiple problems and tasks.
  • Takes initiative to prevent and solve problems.

 

WORKER SKILLS AND QUALIFICATIONS

Minimum:

  • 3 years: Experience in a GRC, cybersecurity, or compliance role.
  • 3 years: Hands-on experience with GRC platforms (Diligent preferred).
  • Strong understanding of NIST CSF 2.0, HIPAA, and state-level frameworks (Texas Cybersecurity Framework).
  • Experience designing workflows and notifications within GRC tools.
  • Excellent communication and stakeholder engagement skills.

 

Preferred:

  • Familiarity with risk management methodologies.
  • Certifications such as CISA, CRISC, CISSP or CGRC.
