Experienced or Senior GRC Analyst
What You'll Do
As an Experienced GRC Analyst, you'll be the trusted advisor our clients count on - helping them build stronger, safer businesses through world-class cybersecurity and GRC strategies. You will:
⢠Lead assessments and audits of security and IT control environments
⢠Design, implement, and mature cybersecurity and compliance programs
⢠Develop risk registers, conduct risk assessments, and track remediation efforts
⢠Create and refine policies, standards, and procedures that align with top frameworks (SOC 2, ISO 27001, NIST CSF, HIPAA, HITRUST, and more)
⢠Guide third-party vendor risk management programs
⢠Prepare clients for internal audits and external assessments
⢠Translate technical, regulatory, and business requirements into clear, actionable solutions
⢠Mentor junior analysts and contribute to the growth of our GRC practice
You won't be stuck doing the same thing every day - you'll work on diverse, challenging projects across multiple industries, helping world-class organizations tackle their most critical security and compliance needs.
What You Bring
⢠5+ years of hands-on experience in GRC, cybersecurity, IT audit, risk management, or a related field
⢠Deep expertise in cybersecurity fundamentals and IT control frameworks
⢠Strong working knowledge of compliance standards (e.g., SOC 2, ISO 27001, NIST CSF, HIPAA, HITRUST)
⢠A track record of delivering high-quality client service, managing projects, and driving results
⢠Excellent writing skills - you can translate complexity into clear, polished deliverables
⢠Outstanding critical thinking, problem-solving, and organizational skills
⢠A high level of accountability, ownership, and professional maturity
⢠Curiosity, creativity, and a proactive, solutions-first mindset
⢠Comfort working independently in a fast-paced, remote environment
Bonus Points if you have industry certifications such as CISA, CISM, CISSP, CRISC, or are actively pursuing one.
Requirements
⢠Authorized to work in the U.S. with permanent work authorization
⢠Able to pass a background check
⢠Reliable high-speed internet and a secure remote work setup
We offer:
⢠Cybersecurity strategy and program development
⢠Fully managed programs, from implementation to maturation and remediation
⢠One-time projects like policies, audits, risk assessments, incident response planning, and more
⢠Support across top compliance frameworks like SOC 2, NIST CSF, ISO 27001, HITRUST, and others
Whatever the challenge, we're ready to solve it - with precision, expertise, and heart.
Apply tot his job
Apply To this Job
As an Experienced GRC Analyst, you'll be the trusted advisor our clients count on - helping them build stronger, safer businesses through world-class cybersecurity and GRC strategies. You will:
⢠Lead assessments and audits of security and IT control environments
⢠Design, implement, and mature cybersecurity and compliance programs
⢠Develop risk registers, conduct risk assessments, and track remediation efforts
⢠Create and refine policies, standards, and procedures that align with top frameworks (SOC 2, ISO 27001, NIST CSF, HIPAA, HITRUST, and more)
⢠Guide third-party vendor risk management programs
⢠Prepare clients for internal audits and external assessments
⢠Translate technical, regulatory, and business requirements into clear, actionable solutions
⢠Mentor junior analysts and contribute to the growth of our GRC practice
You won't be stuck doing the same thing every day - you'll work on diverse, challenging projects across multiple industries, helping world-class organizations tackle their most critical security and compliance needs.
What You Bring
⢠5+ years of hands-on experience in GRC, cybersecurity, IT audit, risk management, or a related field
⢠Deep expertise in cybersecurity fundamentals and IT control frameworks
⢠Strong working knowledge of compliance standards (e.g., SOC 2, ISO 27001, NIST CSF, HIPAA, HITRUST)
⢠A track record of delivering high-quality client service, managing projects, and driving results
⢠Excellent writing skills - you can translate complexity into clear, polished deliverables
⢠Outstanding critical thinking, problem-solving, and organizational skills
⢠A high level of accountability, ownership, and professional maturity
⢠Curiosity, creativity, and a proactive, solutions-first mindset
⢠Comfort working independently in a fast-paced, remote environment
Bonus Points if you have industry certifications such as CISA, CISM, CISSP, CRISC, or are actively pursuing one.
Requirements
⢠Authorized to work in the U.S. with permanent work authorization
⢠Able to pass a background check
⢠Reliable high-speed internet and a secure remote work setup
We offer:
⢠Cybersecurity strategy and program development
⢠Fully managed programs, from implementation to maturation and remediation
⢠One-time projects like policies, audits, risk assessments, incident response planning, and more
⢠Support across top compliance frameworks like SOC 2, NIST CSF, ISO 27001, HITRUST, and others
Whatever the challenge, we're ready to solve it - with precision, expertise, and heart.
Apply tot his job
Apply To this Job