Governance, Risk & Compliance; GRC Analyst
Listed on 2026-07-08
-
IT/Tech
Cybersecurity, IT Consultant, Information Security, Data Security
Location: St. Peters
Governance, Risk & Compliance (GRC) Analyst
Job Category: Information Technology
Requisition Number: GOVER
001449
- Posted :
July 1, 2026 - Full-Time
- Hybrid
Showing 1 location
Join our team as a GRC Analyst and play a key role in regulatory compliance, IT risk management, security. You'll assess risks, support audits, and develop policies that align with industry standards. If you have a solid IT security background, experience in regulating environments (healthcare/finance), and a proactive mindset, we want to hear from you! Ready to make an impact? Apply now!
Position Summary:
In this role, you will play a critical part in ensuring our organization adheres to client and regulatory requirements while identifying and managing technology risks effectively. Work performed by this individual results in the measurable reduction of costs and/or risks relating to risk management and controls. The ideal candidate will possess practical experience across multiple IT and security domains as well as experience working in highly regulated environments, particularly healthcare and financial services.
This position may require occasional work after-hours or on weekends. Management reserves the ability to request other functions from this position. Exceptional customer service, written, and oral communication skills are a must.
The duties listed below are intended to describe the general nature and level of work performed by employees in this position. They are not to be construed as an exclusive list of all job functions performed in this position.
IT Compliance- Work with Legal, Privacy, and Compliance to monitor and assess client and regulatory requirement changes to ensure that the IT program fulfills client and regulatory obligations.
- Collaborate with cross-functional teams to communicate, implement, and maintain IT compliance initiatives.
- Assist leadership with development and maintenance of departmental policies and procedures.
- Conduct internal and external risk assessments to identify potential threats and vulnerabilities.
- Develop, maintain, and perform outbound assessments to vendors, suppliers, and partners.
- Evaluate the impact and likelihood of identified risks.
- Accurately respond to inbound assessments from clients and regulators.
- Work closely with business units to develop and implement risk mitigation strategies.
- Maintain the IT Risk Register.
- Conduct audits to assess IT compliance with policies, standards, and regulations.
- Coordinate user entitlement reviews and assist with ensuring data safeguards and controls are in place.
- Develop and implement monitoring programs to track compliance and risk metrics.
- Collaborate with internal and external auditors during scheduled audits.
- Document audit procedures performed ensuring audit methodology is consistently followed and conclusions are appropriately reached.
- Assist cyber incident handling as part of the computer incident response team.
- Assist in the maintenance, governance, and execution of Threat and Vulnerability Management processes.
- Assist in the scoping, solution, design, and implementation of operational security projects.
- Maintain Subject Matter Expertise knowledge in relevant tools and services.
- Assist in the maintenance and testing of various plans, policies, and procedures for IT and Security, including but not limited to Incident Response, Disaster Recovery, Business Continuity.
- Generate and maintain regular reports for management review, including program level metrics and KPIs.
- Bachelor's degree in information systems, computer science, or other relevant discipline strongly preferred.
- 3+ years of experience working in a similar industry or within a consulting firm.
- Experience reviewing and completing security questionnaires.
- Experience reviewing compliance and security reports (SOC 2, PCI, ISO, etc.)
- Experience working cross-functionally to achieve objectives.
- Prior practical experience in one or more of, application security, security threat, and vulnerability…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).