We are seeking an experienced GRC Analyst to join our clients team. The ideal candidate will bring 5+ years of experience in one or more key security domains, including vendor risk management, security governance, and security operations. This role plays a critical part in protecting the organization by ensuring risks are identified, assessed, and effectively mitigated.
What You’ll Do
- Identify, assess, and mitigate IT and security risks across the organization.
- Ensure compliance with relevant regulations, internal policies, and industry standards.
- Conduct risk assessments and contribute to the development, review, and maintenance of security policies.
- Coordinate and support internal and external audits.
- Assist in responding to security incidents, including data collection, analysis, and documentation.
- Provide training and awareness to internal teams on security best practices.
- Collaborate with cross-functional teams to ensure security requirements are integrated into new systems and projects.
- Monitor and evaluate the effectiveness of security controls.
- Stay up-to-date on emerging cybersecurity threats, technologies, and regulatory changes.
Preferred Experience
- Experience working with Federal agency programs, such as FedRAMP.
- Familiarity with compliance frameworks including ISO 27001, NIST, CSF, and CCSK.
- Background or interest in AI governance.
