Governance, Risk & Compliance (GRC) Analyst
More Information & ApplyGovernance, Risk & Compliance (GRC) Analyst:
- Average Salary: Approximately $91,000 per year.
- Salary Range: Typically between $82,000 and $102,000 annually, with experienced GRC professionals earning up to $115,000 per year.
Job Title: Governance, Risk & Compliance (GRC) Analyst
Location: Charlotte, NC (Hybrid Schedule)
About Us:
Specialized Recruiting Group is partnering with a Fortune 500 client to find a GRC Analyst to join their Cyber Risk & Compliance team in Charlotte, NC. This role offers a unique opportunity to influence security posture through policy development, compliance initiatives, and third-party risk management.
Specialized Recruiting Group is partnering with a Fortune 500 client to find a GRC Analyst to join their Cyber Risk & Compliance team in Charlotte, NC. This role offers a unique opportunity to influence security posture through policy development, compliance initiatives, and third-party risk management.
Job Overview:
As a GRC Analyst, you will support the enterprise’s risk management program by assessing and improving compliance with internal security standards and external regulations. You’ll also assist in vendor assessments, audit responses, and policy development initiatives.
As a GRC Analyst, you will support the enterprise’s risk management program by assessing and improving compliance with internal security standards and external regulations. You’ll also assist in vendor assessments, audit responses, and policy development initiatives.
Key Responsibilities:
• Conduct risk assessments across business units and third-party vendors
• Maintain cybersecurity policies and ensure regulatory compliance (e.g., SOX, HIPAA, NIST)
• Track remediation efforts for identified security risks and control deficiencies
• Collaborate with legal, IT, and audit teams on compliance issues
• Assist with preparing for internal and external audits
• Evaluate new vendors and perform security due diligence reviews
• Report on key risk metrics and compliance performance
• Maintain and improve GRC tools and workflows
• Conduct risk assessments across business units and third-party vendors
• Maintain cybersecurity policies and ensure regulatory compliance (e.g., SOX, HIPAA, NIST)
• Track remediation efforts for identified security risks and control deficiencies
• Collaborate with legal, IT, and audit teams on compliance issues
• Assist with preparing for internal and external audits
• Evaluate new vendors and perform security due diligence reviews
• Report on key risk metrics and compliance performance
• Maintain and improve GRC tools and workflows
Qualifications:
• Bachelor’s degree in Information Security, Business, or related field
• 2+ years of experience in IT risk, compliance, or audit
• Working knowledge of security frameworks such as NIST, ISO 27001, or SOC 2
• Strong understanding of third-party risk management
• Excellent organizational and communication skills
• Bachelor’s degree in Information Security, Business, or related field
• 2+ years of experience in IT risk, compliance, or audit
• Working knowledge of security frameworks such as NIST, ISO 27001, or SOC 2
• Strong understanding of third-party risk management
• Excellent organizational and communication skills
Preferred Skills:
• Familiarity with GRC platforms like Archer, OneTrust, or ServiceNow GRC
• Security certifications (e.g., CRISC, CISA, or CGEIT)
• Experience in regulated industries such as healthcare or finance
• Familiarity with GRC platforms like Archer, OneTrust, or ServiceNow GRC
• Security certifications (e.g., CRISC, CISA, or CGEIT)
• Experience in regulated industries such as healthcare or finance
Powered by Avionté