GRC Security Analyst (Compliance)

Remote in Madison, WI, US • Posted 1 hour ago • Updated 1 hour ago
Contract W2
On-site
USD25 - USD35/hr
Fitment

Dice Job Match Score™

👾 Reticulating splines...

Job Details

Skills

  • GRC Security Analyst (Compliance)

Summary

job summary:

Remote daily work with the ability to report to the Madison Office for training or when required for emergency situations. Must be a current Wisconsin resident. No relocation allowed. Position will be 100% remote after training, but all work must be done within Wisconsin.


Under the general supervision of the GRC Manager, this position serves as a Security Analyst responsible for supporting a wide range of compliance and cybersecurity functions. Core responsibilities include providing risk assessment and/or compliance support. Taking part in or leading audits, submitting findings, analyzing risks for specific areas, monitoring corrective actions, and drafting risk reports with metric charts and ongoing effort accountability.





location: Telecommute

job type: Contract

salary: $24.66 - 34.66 per hour

work hours: 8am to 5pm

education: High School



responsibilities:

Support cybersecurity policy execution, operational standards, and governance activities.


  • Review policy, procedures, controls, and standards to ensure regulatory standards are met.
  • Address compliance issues with IT security standards; identifying deficiencies and recommending control and risk mitigation measures.
  • Review documentation to ensure it meets standards and applicable regulatory requirements, standards, or industry best practices.
  • Assist with the creation of new and updates to policy, process, and technical controls to determine if they are sufficient and functioning as intended.
  • Report on risks and mitigations as well as following up to verify that adjustments were made.
  • Interpret NIST or other standards to recommend and implement best practices.
  • Contribute to the maintenance and operationalization of information security policies, procedures, and response playbooks.
  • Review new IT projects, systems, and vendor solutions for security risk, documenting and escalating concerns as needed.
  • Provide technical consulting and security recommendations aligned with standards and architecture.
  • Participate in enterprise-level risk assessments and contribute data to compliance, audit, or risk reporting needs.
  • Assist in threat modeling exercises or tabletop simulations designed to improve preparedness and resiliency.
Monitor, detect, respond to, and investigate cybersecurity threats across enterprise environment.


  • Triage, analyze, and respond to cybersecurity alerts using current technologies and tools.
  • Conduct forensic investigations into suspected security incidents, including phishing, account compromise, and endpoint breaches.
  • Coordinate with internal teams to contain, eradicate, and recover from security incidents.
  • Analyze logs, threat intelligence, and user behavior to identify indicators of compromise (IOCs) and prevent recurrence.
  • Document incident response actions and create post-incident reports with recommended improvements.
  • Participate in phishing mitigation, email threat response, and takedown coordination with third-party providers.
  • Assist in vulnerability validation and risk triage based on vendor and tool security recommendations.
  • Support the tuning, configuration, and enhancement of security technologies.
  • Assist with employee forensics, HR/legal investigations, and eDiscovery requests through log and artifact analysis.
  • Assist with continuous improvement of detection logic, alerts, and response workflows in current technologies and tools.
Contribute to the configuration, deployment, and lifecycle management of security technologies.


  • Collaborate with internal teams to implement, monitor, and maintain endpoint security, network protection, and access control systems.
  • Assist in the deployment or refinement of security technologies and tools.
  • Test and validate new use cases or configurations in existing tools and platforms, reporting anomalies or conflicts.
  • Maintain technical documentation and inventories related to security tooling, integrations, and metrics.
Maintain current expertise in cybersecurity tools, trends, and techniques.


  • Participate in professional development opportunities such as conferences, technical training, and webinars.
  • Track emerging threats, vulnerabilities, and technology trends through vendor briefings, information sharing groups, and security communities.
  • Contribute to internal knowledge sharing and cross-training within the security team.



qualifications:

At least 2 year's of experience required in the following:


- Understanding of NIST Cybersecurity Framework, NIST RMF, and other common security standards.


- Experience and working knowledge of common security frameworks and control theories to include current applicable NIST, CJIS, and ISO standards


- Experience with creating and leading discussions around the implementation and artifact collection of NIST 800-53 controls


- Proficiency in triaging and analyzing cybersecurity alerts using enterprise technologies and tools.


- Familiarity with phishing mitigation strategies and email threat analysis.


- Incident Response Forensics and Remediation (i.e. Crowdstrike, Sandbox evaluation & detonation, Phish evaluation, Malicious Website and Malicious Intent Identification)


- Customer service as it pertains to security incident management and communication with end user about dangerous behavior.


- Excellent technical writing and documentation skills, including incident reports and playbook development.


- Ability to work independently and as part of a distributed team to achieve shared objectives.


Nice to have skills:


- Capability to tune and optimize SIEM rules and detection logic to reduce noise and improve fidelity.


- Strong interpersonal communication skills with the ability to explain complex topics to non-technical audiences.


- Experience working as a team member on projects to improve business needs.


- Experience supporting endpoint, network, and cloud-based security controls in large-scale environments.


- Demonstrated ability to adapt to emerging threats, technologies, and evolving operational needs.




Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.


It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.



Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: cxsapwma1
  • Position Id: 1338724
  • Posted 1 hour ago
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Madison, Wisconsin

Today

Easy Apply

Contract, Third Party

Depends on Experience

Madison, Wisconsin

Today

Easy Apply

Full-time, Part-time, Contract, Third Party

Remote or Hybrid in Madison, Wisconsin

Today

Easy Apply

Third Party, Contract

Depends on Experience

Remote

Today

Contract

Depends on Experience

Search all similar jobs