GRC Analyst
Job Details
Skills
- GRC
- Governance
- Risk & Compliance
- HIPAA
- SOX
- Compliance
- IT Audit
- IT Risk
- IT Risk Management
- IT Security
- Policies and Procedures
- Regulatory Compliance
- Security Awareness
- Security Analysis
- Vulnerability Management
- Risk Management
- Risk Assessment
- CISA
- CISM
- CISSP
- Auditing
Summary
GRC (Governance, Risk & Compliance) Analyst
Location: Remote (USA)
Job Type: Contract
Job Summary
We are seeking a detail-oriented GRC Analyst to support and enhance our Governance, Risk, and Compliance program. The ideal candidate will have experience in risk assessments, compliance frameworks, security policies, audits, and third-party risk management. This role requires close collaboration with IT, Security, Legal, and business stakeholders to ensure compliance with regulatory and industry standards.
Key Responsibilities
Assist in the development, implementation, and maintenance of Governance, Risk, and Compliance (GRC) programs.
Conduct risk assessments and identify security, operational, and compliance risks.
Support internal and external audits by gathering evidence and coordinating audit activities.
Develop, review, and maintain security policies, standards, procedures, and documentation.
Monitor compliance with regulatory requirements and industry frameworks.
Perform third-party/vendor risk assessments and monitor remediation activities.
Track and manage compliance findings, risks, and corrective action plans.
Collaborate with cross-functional teams to implement security and compliance controls.
Assist with security awareness and compliance training initiatives.
Prepare dashboards, reports, and metrics for management and stakeholders.
Support continuous improvement of GRC processes and controls.
Required Qualifications
Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field.
3+ years of experience in Governance, Risk & Compliance (GRC), Information Security, IT Audit, or Cybersecurity.
Strong understanding of risk management principles and compliance programs.
Experience with GRC platforms such as Archer, ServiceNow GRC, OneTrust, AuditBoard, or MetricStream.
Knowledge of security frameworks and standards including:
NIST CSF
ISO 27001
SOC 2
PCI DSS
HIPAA
SOX
GDPR
CIS Controls
Familiarity with security policies, controls, and regulatory requirements.
Excellent analytical, documentation, and communication skills.
Ability to work independently in a remote environment.
Preferred Qualifications
Professional certifications such as:
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified in Risk and Information Systems Control (CRISC)
Certified Information Systems Auditor (CISA)
ISO 27001 Lead Implementer or Lead Auditor
Experience supporting cloud security compliance (Azure, AWS, or Google Cloud).
Knowledge of vulnerability management and security assessment processes.
Technical Skills
Risk Assessment & Risk Register Management
Compliance Monitoring
Internal & External Audit Support
Third-Party Risk Management (TPRM)
Policy & Procedure Development
Security Control Assessments
Incident & Exception Management
Vendor Risk Reviews
Microsoft Excel, Power BI, and Microsoft Office Suite
ServiceNow GRC, Archer, OneTrust, MetricStream, AuditBoard (preferred)
Nice to Have
Experience in financial services, healthcare, government, or other regulated industries.
Familiarity with cloud compliance frameworks and Zero Trust principles.
Experience with AI governance or emerging technology risk assessments.
This sample job description can be tailored for junior, mid-level, or senior GRC Analyst roles depending on your hiring needs.
- Dice Id: 91172515
- Position Id: 9016159
- Posted 4 hours ago