GRC Analyst
About The Position
This role sits at the intersection of technology, risk, and compliance. As a GRC Analyst, you’ll help the organization proactively identify and manage risk across systems, platforms, and processes while ensuring alignment with key regulatory and security frameworks. You’ll work closely with IT, security, and business teams to assess new and existing technologies, support audits, and strengthen governance practices. A big part of the role is also driving awareness and adoption, helping teams understand risk policies, change management guidelines, and compliance expectations through training and education. Day to day, you’ll evaluate operational vulnerabilities, perform ongoing compliance and gap assessments, support disaster recovery and business continuity planning, and help ensure change and service transition controls are consistently followed. You’ll also contribute to broader GRC strategy and departmental priorities, helping the organization mature its risk posture over time.
Requirements
- Bachelor’s degree in Information Technology or equivalent program
- 3+ years of experience in IT governance, risk management, audit, compliance, technology process design & control, or other related technology competencies
- Demonstrated ability to bring multiple stakeholders to agreement on an agreed course of action
- Experience auditing, managing, or implementing risk frameworks such as CMMC, NIST frameworks (i.e., NIST 800-171, 800-53, CSF), and/or SOC 2 Type I and II, or similar.
- Experience working on or with government agencies, defense teams, and organizations
- Excellent understanding of the interdependencies of multiple infrastructure technical
Nice To Haves
- Technical experience managing compliance activities in cloud environments, specifically AWS
- Direct experience managing and implementing a CMMC program
Responsibilities
- Have a deep understanding of risk assessment, regulatory frameworks, and emerging trends in the cybersecurity and risk landscape
- Identify points of operational vulnerability and dependencies across technology services, systems, platforms, domains, teams, and activities
- Identify stability and performance trends that indicate the need for strategic and/or process changes to technology service and risk governance
- Understanding of change management guidelines
- Assist in creating a culture of risk and compliance awareness through developments of training and education on risk policies, practices, and industry guidelines
- Facilitate, govern, and measure organizational adoption and adherence to service transition/change-related controls and reporting
- Assist in the execution of departmental plans, including business, production, and/or organizational priorities and contribute to the Governance, Risk and Compliance functional strategy
- Work with IT and business teams to perform security and compliance assessments on new and existing systems, processes, and technology
- Support internal and external audit processes for relevant compliance concerns
- Participate in disaster recovery and business continuity planning and exercises, as appropriate
- Perform periodic gap assessments to validate compliance on an ongoing basis
- Other duties as assigned.
Benefits
- Flexible Time Off program
- Hybrid work model
- Variety of medical insurance options, including a $0 cost premium employee coverage
- Benefits effective day 1 of employment include a competitive 401K match with no vesting requirement, national health, dental, and vision plans
- Progressive family plan benefits
- An opportunity to work for a global and industry-leading technology company
- Impactful work in a collaborative environment
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
