IT Security / Compliance Analyst (GRC)

Overview

On Site
$55
Contract - W2
Contract - Independent

Skills

Risk Management

Job Details

Vaco is partnering with an enterprise client on the search for an GRC Analyst to support compliance initiatives, security audits, and metrics reporting across the organization. This is a 4 month contract position supporting the company’s risk management and information security functions.

This role is ideal for someone with strong experience in IT audit readiness, compliance frameworks, and security metrics, who can bridge the gap between technical controls and business stakeholders.


What You’ll Do

Security & Compliance Support

  • Coordinate internal and external IT audit activities, including scheduling walkthroughs and managing evidence requests.

  • Work cross-functionally to gather and organize audit documentation from various business units.

  • Map security controls to system configurations and ensure documentation is updated and accessible.

Security Metrics & Reporting

  • Collaborate with compliance and risk teams to define and report on key security metrics.

  • Build and maintain dashboards to track trends, identify potential risks, and inform decision-making.

  • Ensure data quality, accuracy, and consistency across reports and documentation.

Awareness & Best Practices

  • Partner with internal teams (L&D, Comms, Risk) to enhance security awareness initiatives.

  • Contribute to the development of security configuration standards and assist in policy enforcement.

  • Support incident response activities related to system misconfigurations, as needed.


What You Bring

Required:

  • 5+ years of experience in information security, IT audit, or GRC-related roles

  • Solid understanding of compliance frameworks and audit processes

  • Strong communication and stakeholder engagement skills

  • Excellent documentation and project management abilities

  • Security+ certification

Preferred:

  • CISA, CISSP, or CISM certifications

  • Prior experience in highly regulated industries (finance, healthcare, etc.)

  • Familiarity with enterprise risk management tools or GRC platforms



Determining compensation for this role (and others) at Vaco/Highspring depends upon a wide array of factors including but not limited to the individual’s skill sets, experience and training, licensure and certifications, office location and other geographic considerations, as well as other business and organizational needs. With that said, as required by local law in geographies that require salary range disclosure, Vaco/Highspring notes the salary range for the role is noted in this job posting. The individual may also be eligible for discretionary bonuses, and can participate in medical, dental, and vision benefits as well as the company’s 401(k) retirement plan.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.