Governance Risk Compliance Analyst

Job Summary

A company is looking for a Governance Risk & Compliance Analyst.

Key Responsibilities

• Manage risk and vulnerability assessments, compliance reviews, and audits in accordance with NIST and HITRUST standards
• Lead SOC2 and HITRUST audits, including readiness assessments and audit response
• Maintain an organized, audit-ready repository of evidence and artifacts through GRC platforms

Required Qualifications

• Bachelor's degree in information security or related field
• 5+ years of experience in information security, focusing on risk and compliance
• At least 3+ years of experience managing SOC2 and HITRUST audits
• Thorough understanding of regulatory and compliance requirements, including HIPAA
• Familiarity with GRC tools and best practices, such as Vanta and Drata