GRC Analyst
Job Description
Navigating the complex landscape of governance, risk, and compliance is essential for any organization. As a GRC Analyst, you will empower AI to become a trusted advisor, capable of interpreting regulatory requirements, assessing organizational risk, and ensuring adherence to critical compliance frameworks.
Key Responsibilities
Evaluate AI outputs related to the interpretation and application of major GRC frameworks (e.g., SOC 2, ISO 27001, NIST CSF, HIPAA, PCI DSS).
Assess the accuracy and relevance of AI-generated risk assessments, control mappings, and compliance gap analyses.
Provide detailed feedback on AI's ability to articulate regulatory requirements and their impact on business operations.
Develop benchmark scenarios for AI to analyze, covering topics like internal audit findings, vendor risk management, and policy enforcement.
Validate AI's explanations of control objectives, common audit evidence, and remediation strategies for non-compliance.
Refine AI's understanding of GRC tool integration and its role in continuous compliance monitoring.
Ideal Qualifications
Minimum 5 years of experience in Governance, Risk, and Compliance (GRC) roles.
Certifications such as CISA, CISM, CRISC, or CISSP are highly preferred.
Proven experience implementing or auditing against frameworks like SOC 2, ISO 27001, NIST 800-53, or GDPR.
Strong understanding of enterprise risk management principles and control assessment methodologies.
Familiarity with GRC platforms (e.g., ServiceNow GRC, LogicManager, Archer) is a plus.
Excellent written communication skills for articulating complex regulatory and risk concepts.
Project Timeline
Start Date: Within 1 week
Duration: 6 months (renewable)
Commitment: Part-time, 20-30 hours/week
Shape AI's understanding of GRC excellence – join our expert team!