← Back to Jobs
Technology
GRC Analyst
Trigent Software, Inc. Account NumberBoston, MA🇺🇸United StatesPosted 15 Jul 2026
Quick Overview
Work Type
On Site
Level
Mid Senior
Job Description
Title: GRC Analyst
Location: Boston, MA (Onsite once in a month)
Duration: 12 Months (Possible Extension)
Summary:
We are seeking a highly analytical and experienced GRC Analyst to lead risk assessments, draft robust security policies, and ensure compliance across global frameworks. In this role, you will bridge the gap between technical security measures and regulatory requirements.
The ideal candidate will have strong hands-on experience conducting Third-Party Risk Assessments, performing comprehensive Gap Analyses, and evaluating Product Risks. Furthermore, given our global footprint, deep familiarity with GDPR alongside standard security frameworks (NIST CSF, ISO 27001) is critical.
Key Responsibilities
The ideal candidate will have strong hands-on experience conducting Third-Party Risk Assessments, performing comprehensive Gap Analyses, and evaluating Product Risks. Furthermore, given our global footprint, deep familiarity with GDPR alongside standard security frameworks (NIST CSF, ISO 27001) is critical.
Key Responsibilities
- Comprehensive Risk Assessments: Conduct end-to-end Risk Assessments (RA) on internal systems, business processes, and emerging products (Product Risk Assessments) to identify and mitigate vulnerabilities.
- Third-Party & Vendor Risk Management (TPRM): Lead security reviews on third-party vendors, partners, and SaaS tools to evaluate their security posture and ensure they meet organizational standards before onboarding.
- Policy Drafting & Governance: Author, update, and implement comprehensive Information Security (IS) policies, standards, and guidelines aligned with industry best practices and global frameworks.
- Regulatory Compliance & GDPR: Ensure continuous compliance with global data privacy regulations, specifically GDPR and US-specific requirements, coordinating closely with legal and privacy teams.
- Gap Analysis & Audit Prep: Execute regular gap analyses against frameworks like NIST CSF and ISO 27001 to identify weaknesses in the current security posture and drive remediation plans.
- Metrics & Reporting: Develop risk registers, track remediation efforts, and prepare performance dashboards for local and global leadership teams.
- Experience: 4+ years of dedicated experience in IT Governance, Risk, and Compliance (GRC) or IT Audit.
- Framework Mastery: Strong working knowledge of NIST CSF, ISO/IEC 27001, and GDPR compliance.
- Hands-on Assessment Skills: Proven experience conducting Third-Party/Vendor Risk Assessments and Product/Application Risk Assessments.
- Technical Writing: Exceptional ability to draft clear, concise, and enforceable Information Security policies from scratch.
- Preferred Certifications: Possession of (or active pursuit of) one or more of the following:
- CISA (Certified Information Systems Auditor)
- CRISC (Certified in Risk and Information Systems Control)
- CISSP (Certified Information Systems Security Professional)
- CIPP/E or CIPM (Certified Information Privacy Professional/Europe)
- Experience working in a global organization with cross-border data transfer requirements.
- Experience in highly regulated industries (e.g., Pharmaceuticals, Biotech, Healthcare, or Finance).
- Familiarity with GRC management tools (e.g., ServiceNow GRC, OneTrust, Archer).
Skills
GDPR
Similar jobs
AI Engineer - W2
Judge Group, Inc. · Chandler, United States
2 minutes agoData Analyst
Motion Recruitment Partners, LLC · Chandler, United States
2 minutes agoSystems Engineer with Security Clearance
Leidos · Fort Meade, United States
2 minutes ago$87.1k - $157.4k/yrData Analyst Supporting the DEA with Security Clearance
FSA · Arlington, United States
2 minutes agoLead Data Engineer
Judge Group, Inc. · New York, United States
2 minutes agoCyber IT Specialist - 1st Shift Lead with Security Clearance
Peraton · Beltsville, United States
2 minutes ago$80k - $128k/yr