Haystack
← Back to Jobs
Technology

GRC Analyst

Digital Minds Global Technologies Inc.United States🇺🇸United StatesPosted 9 Jul 2026

Quick Overview

Work Type
Hybrid
Level
Mid Senior

Job Description

GRC (Governance, Risk & Compliance) Analyst

Location: Remote (USA)
Job Type: Contract

Job Summary

We are seeking a detail-oriented GRC Analyst to support and enhance our Governance, Risk, and Compliance program. The ideal candidate will have experience in risk assessments, compliance frameworks, security policies, audits, and third-party risk management. This role requires close collaboration with IT, Security, Legal, and business stakeholders to ensure compliance with regulatory and industry standards.

Key Responsibilities

  • Assist in the development, implementation, and maintenance of Governance, Risk, and Compliance (GRC) programs.

  • Conduct risk assessments and identify security, operational, and compliance risks.

  • Support internal and external audits by gathering evidence and coordinating audit activities.

  • Develop, review, and maintain security policies, standards, procedures, and documentation.

  • Monitor compliance with regulatory requirements and industry frameworks.

  • Perform third-party/vendor risk assessments and monitor remediation activities.

  • Track and manage compliance findings, risks, and corrective action plans.

  • Collaborate with cross-functional teams to implement security and compliance controls.

  • Assist with security awareness and compliance training initiatives.

  • Prepare dashboards, reports, and metrics for management and stakeholders.

  • Support continuous improvement of GRC processes and controls.

Required Qualifications

  • Bachelor''''s degree in Information Technology, Cybersecurity, Computer Science, or a related field.

  • 3+ years of experience in Governance, Risk & Compliance (GRC), Information Security, IT Audit, or Cybersecurity.

  • Strong understanding of risk management principles and compliance programs.

  • Experience with GRC platforms such as Archer, ServiceNow GRC, OneTrust, AuditBoard, or MetricStream.

  • Knowledge of security frameworks and standards including:

    • NIST CSF

    • ISO 27001

    • SOC 2

    • PCI DSS

    • HIPAA

    • SOX

    • GDPR

    • CIS Controls

  • Familiarity with security policies, controls, and regulatory requirements.

  • Excellent analytical, documentation, and communication skills.

  • Ability to work independently in a remote environment.

Preferred Qualifications

  • Professional certifications such as:

    • Certified Information Systems Security Professional (CISSP)

    • Certified Information Security Manager (CISM)

    • Certified in Risk and Information Systems Control (CRISC)

    • Certified Information Systems Auditor (CISA)

    • ISO 27001 Lead Implementer or Lead Auditor

  • Experience supporting cloud security compliance (Azure, AWS, or Google Cloud).

  • Knowledge of vulnerability management and security assessment processes.

Technical Skills

  • Risk Assessment & Risk Register Management

  • Compliance Monitoring

  • Internal & External Audit Support

  • Third-Party Risk Management (TPRM)

  • Policy & Procedure Development

  • Security Control Assessments

  • Incident & Exception Management

  • Vendor Risk Reviews

  • Microsoft Excel, Power BI, and Microsoft Office Suite

  • ServiceNow GRC, Archer, OneTrust, MetricStream, AuditBoard (preferred)

Nice to Have

  • Experience in financial services, healthcare, government, or other regulated industries.

  • Familiarity with cloud compliance frameworks and Zero Trust principles.

  • Experience with AI governance or emerging technology risk assessments.

This sample job description can be tailored for junior, mid-level, or senior GRC Analyst roles depending on your hiring needs.

Skills

AWS
PCI DSS
SOC 2
Azure
GDPR
Google Cloud
HIPAA
Microsoft Excel
Microsoft Office
Power BI
Zero Trust

Similar jobs