Senior Governance, Risk & Compliance (GRC) Analyst jobs in United States

Optimize Search Group · 17 hours ago

Senior Governance, Risk & Compliance (GRC) Analyst

Optimize Search Group is seeking a Senior Governance, Risk & Compliance (GRC) Analyst to develop, implement, and manage their governance, risk, and compliance programs. The role involves ensuring adherence to regulatory standards and overseeing the enterprise cyber risk management framework while collaborating with various stakeholders to promote a culture of security and compliance.

Staffing & Recruiting
No H1B
Security Clearance Required

Responsibilities

Lead and maintain SOC 2 and HITRUST certification programs, including readiness assessments, gap analysis, remediation planning, and audit coordination
Develop and maintain policies, procedures, and controls to meet compliance requirements
Serve as the primary liaison with external auditors and certification bodies
Design and implement a comprehensive cyber risk management program aligned with industry best practices and regulatory requirements
Conduct risk assessments, identify vulnerabilities, and recommend mitigation strategies
Maintain risk registers and provide regular reporting to executive leadership
Establish and enforce governance frameworks for information security and compliance
Ensure alignment of GRC activities with organizational objectives and regulatory obligations
Monitor emerging regulations and standards, advising leadership on potential impacts
Consult with the Chief Information Security Officer in support of senior management to ensure that security activities are taking place on an appropriate and ongoing basis
Collaborate with IT, Security, Legal, and Business teams to ensure compliance and risk management objectives are met
Provide training and awareness programs to promote compliance and risk-conscious behavior across the organization

Qualification

SOC 2 certification
HITRUST certification
Cyber risk management
NIST framework
ISO 27001
Regulatory compliance
GRC platforms knowledge
Microsoft Office Suite
Analytical skills
Organizational skills
Communication skills
Project management
Time management

Required

Bachelor's degree in Information Security, Risk Management, related field, or equivalent experience
8+ years in information security, compliance, or risk management roles
Proven experience managing SOC 2 and HITRUST programs
Strong understanding of cybersecurity frameworks (NIST, ISO 27001, etc.)
Excellent knowledge of regulatory requirements and audit processes
Strong analytical, organizational, and communication skills
Ability to work independently and influence cross-functional teams
Superior project management – must effectively develop and manage project plans
Expert time management skills
Must be at least 18 years of age
Able to read, write and speak English
Successfully pass and maintain acceptable background checks and security clearances

Preferred

One or more of: CISSP, CISA, CISM, CRISC certifications preferred
Knowledge of GRC platforms, tooling, and automation is a plus

Company

Optimize Search Group

Optimize Search Group is a leading talent solutions provider focused on creating partnerships that drive results for our clients and candidates in our specialty areas in Information Technology, Accounting and Finance, Legal, and Executive Search.

Funding

Current Stage
Early Stage

Leadership Team

Andre Hardowin
Senior Partner | Technical Recruiting
Anthony Catalano
Partner - Retained and Executive Search
Company data provided by crunchbase