100% Remote - Governance Risk and Compliance (GRC) Analyst - Contract to Hire
100% Remote Contract to Hire role Key Responsibilities
- Support the design, execution, and continuous improvement of Governance, Risk, and Compliance (GRC) programs across IT and business processes
- Perform IT risk assessments, identify control gaps, and assist with remediation planning and tracking
- Support SOX ITGCs, SOC, and internal audits, including walkthroughs, testing coordination, evidence collection, and audit response management
- Evaluate and document control design and operating effectiveness for access, change management, and IT operations controls
- Support access governance activities, including user access reviews, role reviews, segregation of duties (SoD) analysis, and exception tracking
- Assist with policy, standard, and procedure development, ensuring alignment with regulatory and industry requirements
- Track and manage risk issues, audit findings, and remediation actions, ensuring appropriate ownership and timely closure
- Support third-party and contractor access governance, including risk assessments and periodic reviews
- Maintain accurate and audit-ready documentation, risk registers, control matrices, and compliance artifacts
- Communicate risk, control gaps, and compliance requirements clearly to technical and non-technical stakeholders Core Skills
- IT Audit & Controls
- Access & Identity Governance
- Risk Assessment & Remediation
- Policy & Control Documentation Tools/Frameworks
- NIST/COBIT/RMF/CSF
- Experience with GRC tools (ServiceNow GRC, Archer, SecurEnds, Saviynt, etc.)
Required Qualifications
- Bachelor’s degree
- 3-5+ years of experience in GRC, IT Risk, Compliance, or Audit
- Strong understanding of IT general controls (access, change, operations)
- Experience supporting audits and compliance reviews
- SOX Experience
- SOC Experience
- preferred - NYSDFS Experience (New York State Department of Financial Services)
- preferred - FLOIR Experience (Florida Office of Insurance Regulation (OIR))
- Strong documentation and communication skills Remote Skills Access Control, Analysis Skills, Auditing, Business Processes, Change Management, Communication Skills, Consulting, Continuous Improvement, Contract Analysis, Control Objectives for Information and related Technology (COBIT), Document Control, Document Management, Documentation, Financial Services, Information Technology/Systems Audit, Insurance Regulations, Internal Audit, Policy Development, Procedure Development, Regulations, Regulatory Compliance, Risk, Risk Analysis, Risk Control Matrix, Risk Management, Sarbanes-Oxley Act (SOX), ServiceNow, Standards Development, Time Management, U.S. National Institute of Standards and Technology (NIST)
About the Company
Experienced Recruiting Partners Apply tot his job Apply To this Job Apply tot his job Apply To this Job