GRC Analyst

Overview

The Governance, Risk, and Compliance (GRC) Analyst provides support for the development, implementation, and maintenance of security controls, working cross-functionally to ensure regulatory compliance requirements are met, managing risk, and maintaining a strong security posture.

• Assist in the development, update, review, and maintenance of security and compliance policies, standards, guidelines, and procedures.
• Support internal and external audits (e.g. SOC 2, HIPAA)
• Track and maintain alignment of controls with industry frameworks (e.g. SOC 2, HIPAA, NIST CSF) using Drata
• Optimize Drata environment, automating controls and reporting
• Assist with regulatory reporting and compliance documentation
• Conduct vendor risk assessments and due diligence reviews
• Monitor third-party compliance with regulatory obligations
• Track remediation efforts and ensure timely closure of findings
• Conduct risk assessments and support risk mitigation planning
• Maintain risk register and support risk tracking and reporting
• Monitor user adherence to acceptable use, least privilege access, and data retention and security policies
• Promote company culture of security and compliance awareness

• B.S. or equivalent in Computer Science, Information Science & Technology, or related field or equivalent work experience required.
• Security certifications highly desired.

• At least three years experience in Governance, Risk, and Compliance work required.
• Experience working in a highly regulated environment
• Experience in HIPAA, HITECH, and SOC 2 compliance environments
• Experience working with GRC platforms, such as Drata
• Familiarity with NIST SP 800 series, ISO/IEC 27000 series, and similar frameworks.
• Excellent oral, written, and interpersonal skills with the ability to influence and work effectively with diverse groups of peers and business partners
• Detail oriented with a demonstrated ability to work on multiple tasks simultaneously with strong organizational and prioritization skills

• Job Knowledge
• Time Management
• Accountability
• Communication
• Initiative
• Customer Focus

This is a standard desk role – long periods of sitting and working on a computer are required.

Remote

The company has reviewed this job description to ensure that essential functions and basic duties have been included. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills and abilities. Additional functions and requirements may be assigned by supervisors as deemed appropriate.

Compensation is not limited to base salary. Allied values our Total Rewards, and offers a competitive Benefit Package including, but not limited to, Medical, Dental, Vision, Life & Disability Insurance, Generous Paid Time Off, Tuition Reimbursement, EAP, and a Technology Stipend.

Allied reserves the right to amend, change, alter, and revise pay ranges and benefits offerings at any time. All applicants acknowledge that by applying to the position you understand that the specific pay range is contingent upon meeting the qualification and requirements of the role, and for the successful completion of the interview selection and process. It is at the Company s discretion to determine what pay is provided to a candidate within the range associated with the role.