GRC Analyst

Job Title: GRC Analyst
Location: Houston, TX, 77002 (Onsite 4x per week)
Department: Information Security / Risk & Compliance / IT Governance
Job Type: 6-month contract-to-hire
Work Requirements: US Citizens, GC Holders, or Authorized to work in the US.

About the Role
INSPYR Solutions is looking to add a detail-oriented and analytical GRC Analyst to help develop, support, and enhance our cybersecurity governance, risk management, and compliance programs. As a key member of the security team, you will be responsible for managing security policies, supporting internal audits, maintaining compliance frameworks, and ensuring that our organization meets regulatory, contractual, and security obligations.

Qualified and interested candidates should email their resumes to Slater Davidson at .

Key Responsibilities

• Be part of the implementation of NIST CSF, keeping an eye toward ISO 27001. Support compliance with NERC CIP.
• Skilled in preparing documentation and processes for internal, external, and regulatory audits
• Support policy governance processes, including reviews, updates, version control, and internal communications.
• Monitor changes in regulations and security standards and assess the impact on current controls.
• Assist with audit readiness and execution for external audits and certifications (e.g., ISO 27001, NERC CIP).
• Coordinate and track remediation of findings from internal assessments, audits, and security reviews.
• Maintain documentation and evidence required to demonstrate compliance with internal controls and external regulations.
• Identify, assess, and document security and compliance risks across systems, vendors, and processes.
• Support the risk management lifecycle, including risk identification, analysis, treatment plans, and reporting.
• Manage risk registers and provide regular updates to leadership on the risk posture.
• Support vendor risk assessment process by reviewing security questionnaires, certifications, and contracts.
• Collaborate with procurement and legal teams to evaluate and onboard third-party vendors with appropriate risk controls.
• Develop dashboards, reports, and metrics to track compliance status, audit progress, and control effectiveness.
• Prepare executive reports and materials for internal risk and governance committees.
• Act as the Change Advisory Board manager, overseeing the IT change process.

Required Skills & Experience

• Bachelor's degree in Information Security, Risk Management, Business, or related field (or equivalent work experience).
• 2–4 years of experience in a GRC, audit, compliance, or risk management role.
• Familiarity with security frameworks and standards (e.g., NIST CSF, ISO 27001, SOC 2, PCI DSS).
• Understanding of regulatory requirements (e.g., GDPR, CCPA).
• Strong organizational and documentation skills with attention to detail.

Preferred Qualifications

• Security or GRC certifications such as CISA, CRISC, ISO 27001 Lead Implementer, or CISSP.
• Experience with GRC platforms (e.g., One Trust, Archer, Tugboat Logic, Service Now GRC).
• Exposure to enterprise environments and cloud infrastructure (e.g., AWS, Azure).
• Excellent verbal and written communication skills with the ability to present complex information clearly.

Information collected and processed through your application with INSPYR Solutions (including any job applications you choose to submit) is subject to INSPYR Solutions’ Privacy Policy and INSPYR Solutions’ AI and Automated Employment Decision Tool Policy: . By submitting an application, you are consenting to being contacted by INSPYR Solutions through phone, email, or text.