Senior GRC Analyst

  • Houston, TX
  • Posted 6 hours ago | Updated 2 hours ago

Overview

On Site
Full Time
Part Time
Accepts corp to corp applications
Contract - W2
Contract - Independent

Skills

GRC
Risk Management Tools

Job Details

Maddisoft has the following immediate opportunity; let us know if you or someone you know would be interested. Send in your resume ASAP. U.S. citizens and those authorized to work in the U.S. are encouraged to apply. Looking for W2 CONTRACT. Send in your resume along with your LinkedIn profile, without which applications will not be considered. Call us NOW! Visa sponsorship is available for this position.

Role: Senior GRC Analyst

Location: Houston, Texas - Onsite only

Skills and abilities:

Strong understanding of enterprise risk management and regulatory compliance standards.

In-depth knowledge and hands-on experience with PCI DSS, SOC 1 / SOC 2, ISO 27001, and NIST CSF.

Solid grasp of third-party risk management (TPRM) principles and practices.

Experience assessing and managing risk associated with vendors and cloud service providers.

Proficiency in reviewing and interpreting SOC reports, security assessments, and contractual obligations.

Familiarity with GRC systems and platforms; experience with ServiceNow GRC or similar tools preferred.

Excellent analytical, problem-solving, and risk assessment skills.

Strong communication skills, with the ability to translate complex security and compliance issues into business-relevant language.

Ability to build cross-functional relationships and lead multi-departmental initiatives.

Capable of managing multiple concurrent projects in a fast-paced environment.

Required Education and Experience

Bachelor's degree in Information Security, Risk Management, Business Administration, or related field.

5-7 years of progressive experience in GRC, compliance, audit, or risk management roles.

Minimum 2-3 years of direct experience managing PCI DSS and SOC 1 / SOC 2 compliance efforts.

Proven experience developing and managing vendor risk and third-party assessment programs.

Leadership or mentoring experience in a GRC or risk-focused role.

Preferred professional certifications:
  • Certified Information Systems Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • Certified in Governance of Enterprise IT (CGEIT)
  • PCI Professional (PCIP) or similar PCI-related certification
