The GRC Analyst plays a critical role in supporting the organization’s governance, risk management, and compliance programs. The individual will work to identify, assess, and monitor risks, ensure compliance with regulatory requirements, and help implement and maintain internal security policies and controls. The GRC Analyst is responsible for managing risk assessments, monitoring security and compliance activities, and supporting the overall security posture of the organization.
Key Responsibilities:
Governance:
Assist in the development, implementation, and monitoring of the organization’s governance frameworks, security policies, standards, and procedures to ensure alignment with regulatory and compliance requirements.
Monitor and support the organization’s compliance with relevant standards (e.g., NIST, ISO 27001, HIPAA, GDPR, SOC 2) and legal requirements.
Coordinate audits and assessments (internal and external) to ensure ongoing compliance and address audit findings.
Conduct risk assessments to identify vulnerabilities, threats, and potential impact to the organization’s information assets.
Maintain the risk register, tracking identified risks and mitigation efforts.
Collaborate with various departments to develop and implement risk mitigation strategies and ensure risks are reduced to an acceptable level.
Perform third-party vendor risk assessments to evaluate the security posture of external partners and service providers.
Assist with incident response activities, including coordinating with stakeholders to ensure risks and compliance issues are addressed in a timely manner.
Help to establish corrective action plans for identified issues and follow up to ensure remediation is completed.
Policy and Procedure Development:
Contribute to the creation and maintenance of security-related policies and procedures.
Ensure that policies and controls are communicated effectively to stakeholders and staff, and that proper training is conducted.
Training and Awareness:
Assist in the development and delivery of training programs to raise awareness on risk management, compliance obligations, and security best practices.
Track the completion of required compliance training and ensure ongoing awareness of relevant risks.
Reporting:
Prepare reports and dashboards for senior management, highlighting key risk indicators, audit results, and compliance status.
Provide insights and recommendations based on risk and compliance findings.
Stay up-to-date on evolving regulatory requirements, industry standards, and best practices in risk management and information security.
Identify opportunities for improving the GRC program and participate in initiatives to enhance security and compliance posture.
Required Qualifications:
Bachelor’s degree in Information Security, Business, or a related GRC field.
2-3 years of experience in governance, risk, and compliance roles, preferably within a regulated industry (e.g., healthcare).
Familiarity with GRC frameworks and their regulatory requirements, such as NIST, ISO 27001, COBIT, HIPAA, SOC 2, and PCI DSS.
Proven experience in conducting risk assessments, managing compliance audits, and implementing GRC solutions.
Strong project management skills, with the ability to lead and execute cross-functional initiatives.
Excellent written and verbal communication skills.
Preferred Qualifications:
Master’s degree in Information Security, Business, or a related GRC field.
3-5 years of experience in governance, risk, and compliance roles, preferably within a regulated industry (e.g., healthcare).
Professional certifications such as Certified in Governance, Risk and Compliance (CGRC), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), or Certified Information Security Manager (CISM).
Seniority level: Entry level
Employment type: Contract
Job function: Information Technology
Industries: Staffing and Recruiting
Governance Risk and Compliance Analyst