Overview
Remote
Depends on Experience
Full Time
Skills
GRC
risk management
HIPAA
PCI-DSS
ISO 27001
NIST
Job Details
We are seeking a GRC Analyst / Senior Analyst with 5 7 years of experience in governance, risk, compliance, and information security. This role will support enterprise compliance initiatives, risk assessments, and audit readiness while working closely with cross-functional teams.
Key Responsibilities
Governance & Policy
Support development, implementation, and maintenance of IT and information security policies, standards, and procedures.
Assist with policy governance, internal control documentation, and GRC tool administration.
Support compliance with healthcare, data privacy, and security regulations.
Risk Management
Conduct and support risk assessments, control testing, and remediation tracking.
Support alignment with frameworks such as NIST CSF and ISO 27001.
Compliance & Audit
Support compliance activities for HIPAA, PCI-DSS, ISO 27001, and NIST.
Assist with internal and external audits, including evidence collection and response coordination.
Track audit findings and remediation efforts.
Incident Response & Assurance
Support investigations of security incidents, privacy events, and policy violations.
Assist with customer security questionnaires and third-party risk assessments.
Monitoring & Training
Assist in preparing compliance reports, risk dashboards, and audit readiness updates.
Support security awareness and compliance training initiatives.
Required Qualifications
5 7 years of experience in GRC, information security, risk management, or compliance.
Hands-on experience supporting audits and risk assessments.
Strong documentation, analytical, and communication skills.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.