Job Title: GRC Analyst
Location: Downtown Dallas, TX
Employment Type: Full-Time
We are seeking an experienced GRC Analyst to join our team in Downtown Dallas. This role is responsible for ensuring compliance with various regulatory frameworks, conducting risk assessments, and implementing effective governance, risk, and compliance (GRC) strategies.
Responsibilities:
- Analyze and interpret regulatory requirements, industry standards, and best practices related to information security, privacy, and compliance (e.g., NIST, ISO, HITRUST, SOC 2).
- Conduct risk assessments, identify potential vulnerabilities, and develop mitigation plans to address identified risks.
- Collaborate with cross-functional teams to implement and maintain GRC programs, policies, and procedures.
- Utilize GRC platforms and tools to streamline compliance processes, monitor controls, and generate reports.
- Assist in preparing for and participating in external audits, such as SOC 2 Type 2 audits.
- Provide guidance and training to internal stakeholders on GRC-related topics.
- Stay up to date with emerging trends, regulations, and industry best practices in the GRC domain.
Qualifications:
- Bachelor's degree in a relevant field (e.g., Information Security, Computer Science, Risk Management) or equivalent professional experience.
- Minimum of 3 years of experience in a GRC analyst or related role.
- Strong knowledge of HITRUST, SOC 2, NIST, ISO, and other relevant frameworks and standards.
- Hands-on experience with GRC platforms and tools (e.g., RSA Archer, ServiceNow GRC, MetricStream).
- Familiarity with risk assessment methodologies and compliance management processes.
- Excellent analytical, problem-solving, and communication skills.
- Ability to work in a fast-paced environment and manage multiple priorities effectively.