Information Security GRC Analyst

Job description

Information Security GRC Analyst This is a fully remote position PURPOSE: We are looking for a motivated and detail-oriented Information Security GRC Analyst to join our growing cybersecurity practice. In this role, you will support clients in building and maturing their governance, risk, and compliance programs, helping them navigate complex regulatory landscapes and reduce cyber risk. This is an excellent opportunity for early-career professionals looking to develop deep expertise across GRC frameworks, security controls, and client advisory work. RESPONSIBILITIES: - Assist in the development, implementation, and assessment of information security policies, standards, and procedures aligned to industry frameworks and regulatory compliance (HIPAA, SEC, FTC, NIST CSF, ISO 27001, SOC 2, CMMC, etc.) - Assist with risk assessments, gap analyses, and control evaluations across multiple client engagements simultaneously across various industries - Participate in the development of risk registers, risk treatment plans, and remediation roadmaps - Assist with third-party/vendor risk assessments and due diligence activities - Document findings, prepare client-facing reports, and contribute...