Information Security Governance Risk and Compliance Analyst
Job in Okemos, Ingham County, Michigan, 48864, USA
Listed on 2026-06-05
Listing for: Deltadentalin
Full Time position
Job specializations:
- IT/Tech: Cybersecurity, Information Security
Job Description & How to Apply Below
This is a hybrid position, both in-office and remote.
Locations: Okemos, MI
Time type: Full time
Posted on: Posted Yesterday
Job requisition: JR101287
**Job Title:** Information Security Governance Risk and Compliance Analyst
**Number of Positions:** 1
**Location:** Okemos, MI
**Location Specifics:** Hybrid Position
**Job Summary:**
At Delta Dental of Michigan, Ohio, and Indiana we work to improve oral health through benefit plans, advocacy and community support, and we amplify this mission by investing in initiatives that build healthy, smart, vibrant communities. We are one of the largest dental plan administrators in the country, and are part of the Delta Dental Plans Association, which operates two of the largest dental networks in the nation.
At Delta Dental, we celebrate our All In culture. It’s a mindset, feeling and attitude we wrap around all that we do – from taking charge of our careers, to helping colleagues and lending a hand in the community.
**Position Description**
Facilitates the timely completion of internal and external systems audits and assessments on behalf of Delta Dental of Michigan and its affiliates. This position will also help with the daily GRC operations.
**Primary Job Responsibilities:**
* Partners across ISS teams, departments, and affiliates to interpret technical requirements and map compliance requirements to control implementation, and maintains an understanding across our products of all current and emerging technologies, open system standards, and management technologies as they relate to the support of our business needs.
* Evaluates vendor architectures, data flows, and control evidence (SOC reports, pen tests, SIG), and confirms risk treatment for vendor access to sensitive data to support TPRM.
* Drives the completion of third-party audits and helps enable company compliance with customer technical requirements, industry standards, and regulatory requirements. Examples include SOC, HITRUST, HIPAA, CMMC, FedRAMP, GovRAMP, NIST, and PCI.
* Assist with customer and regulatory risk assessments, audits, attestations, and other security information requests.
* Partner closely on security operations tasks with cross-functional teammates in IT, DevOps, Engineering, and Test.
* Facilitate technical, operational, and regulatory outcomes across our client portfolio, including continuous monitoring and compliance audits.
* Monitors and analyzes security risks and metrics to identify trends, correlations, and variances, and recommends improvements as needed.
* Administers the enterprise GRC platform, including control libraries, evidence workflows, and reporting.
* Maintains executive-level reports that provide visibility into key cybersecurity metrics and KPIs.
* Facilitates automation for compliance controls, evidence collection, and compliance artifact generation using SharePoint and Power Automate.
* Documents gaps in POA&Ms with root cause, technical remediation steps, measurable milestones, and validation criteria; tracks remediation to closure and re-tests control effectiveness.
* Analyzes data flow diagrams (DFDs), network diagrams, and solution architectures to confirm trust boundaries, data classifications, encryption paths, and control placement across system components.
Perform other related assigned duties as necessary to complete the Primary Job Responsibilities as described above.
**Minimum Requirements:**
Position requires a bachelor’s degree in information technology or related field and three years’ experience in information technology with compliance and security standards and frameworks, including: GDPR, HIPAA, PCI DSS, CIS Benchmarks and NIST frameworks. CCSP, CISSP, CISA, GCSA, GCPN, GPEN, or similar certifications are preferred. Will accept any suitable combination of education, training, and experience.
Position requires demonstrated technical experience implementing and assessing information security and privacy controls aligned with GDPR, HIPAA, PCI DSS, CIS Benchmarks, and NIST frameworks (e.g., NIST SP…