GRC Analyst

GRC Analyst

Job Summary:

The GRC Analyst supports governance, risk management, and compliance efforts by ensuring adherence to regulatory requirements and security frameworks (ISO 27001, NIST, SOC 2, GDPR, etc.). This role involves conducting risk assessments, managing compliance programs, supporting audits, and enhancing security policies.

Key Responsibilities:

• Develop and enforce security and compliance policies.

• Conduct risk assessments and track mitigation efforts.

• Support internal and external audits (SOC 2, ISO 27001, PCI-DSS).

• Manage third-party risk assessments and vendor compliance.

• Maintain GRC tools for monitoring risks and compliance.

• Conduct security awareness training for employees.

Qualifications:

• Bachelor s degree in IT, Security, or related field.

• Experience in GRC, risk management, or compliance.

• Knowledge of security frameworks (ISO 27001, NIST, HIPAA, etc.).

• Strong analytical and communication skills.

• Preferred: CISA, CRISC, CISSP, or GRC tool experience (Archer, OneTrust).