Experienced or Senior GRC Analyst
What You'll Do
As an Experienced GRC Analyst, you'll be the trusted advisor our clients count on - helping them build stronger, safer businesses through world-class cybersecurity and GRC strategies. You will:
- Lead assessments and audits of security and IT control environments
- Design, implement, and mature cybersecurity and compliance programs
- Develop risk registers, conduct risk assessments, and track remediation efforts
- Create and refine policies, standards, and procedures that align with top frameworks (SOC 2, ISO 27001, NIST CSF, HIPAA, HITRUST, and more)
- Guide third-party vendor risk management programs
- Prepare clients for internal audits and external assessments
- Translate technical, regulatory, and business requirements into clear, actionable solutions
- Mentor junior analysts and contribute to the growth of our GRC practice
You won't be stuck doing the same thing every day - you'll work on diverse, challenging projects across multiple industries, helping world-class organizations tackle their most critical security and compliance needs.
What You Bring
- 5+ years of hands-on experience in GRC, cybersecurity, IT audit, risk management, or a related field
- Deep expertise in cybersecurity fundamentals and IT control frameworks
- Strong working knowledge of compliance standards (e.g., SOC 2, ISO 27001, NIST CSF, HIPAA, HITRUST)
- A track record of delivering high-quality client service, managing projects, and driving results
- Excellent writing skills - you can translate complexity into clear, polished deliverables
- Outstanding critical thinking, problem-solving, and organizational skills
- A high level of accountability, ownership, and professional maturity
- Curiosity, creativity, and a proactive, solutions-first mindset
- Comfort working independently in a fast-paced, remote environment
Bonus Points if you have industry certifications such as CISA, CISM, CISSP, CRISC, or are actively pursuing one.
Requirements
- Authorized to work in the U.S. with permanent work authorization
- Able to pass a background check
- Reliable high-speed internet and a secure remote work setup
We offer
- Cybersecurity strategy and program development
- Fully managed programs, from implementation to maturation and remediation
- One-time projects like policies, audits, risk assessments, incident response planning, and more
- Support across top compliance frameworks like SOC 2, NIST CSF, ISO 27001, HITRUST, and others
Whatever the challenge, we're ready to solve it - with precision, expertise, and heart.