GRC Analyst
Listed on 2026-07-05
IT/Tech
Cybersecurity, IT Business Analyst, Information Security
Job Description
- Lead the implementation and administration of a GRC platform (e.g., Vanta), including configuring controls, evidence mapping, and integrations across systems such as AWS and identity platforms.
- Build automation into the GRC program by establishing continuous monitoring and reducing reliance on manual evidence collection.
- Develop and maintain a unified control framework aligned to standards such as SOC 2 and ISO 27001, including defining control requirements, mapping controls across frameworks, and ensuring traceability.
- Establish ownership models for controls and systems, improving visibility across teams and reducing audit coordination overhead.
- Support audit readiness by ensuring controls are well-defined, consistently monitored, and aligned for reuse across multiple frameworks.
- Drive process standardization and continuous improvement by creating documentation, streamlining workflows, supporting policy development, and defining metrics to measure compliance and control effectiveness.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances.
If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
- Bachelor’s degree in Computer Science, Information Security, Information Systems, or a related technical field, or equivalent practical experience
- 5+ years of experience in security, compliance, or audit-focused roles
- Proven experience leading ISO/IEC 27001 and SOC 2 audits end-to-end
- Hands-on experience with a GRC platform (AuditBoard, Drata, Vanta, or similar)
- Strong understanding and experience with control frameworks
- Ability to translate technical implementations into audit-ready controls and documentation
- Strong stakeholder management and auditor-facing communication skills
- Experience in cloud-native or SaaS environments (AWS, Azure, or GCP preferred)
- Experience with automation and continuous compliance
- Certifications such as CISSP, CISA, CRISC, or ISO 27001 Lead Implementer/Auditor
- Multi-framework experience
- Experience scaling compliance programs in high-growth environments