
IT Risk & GRC Analyst

Job in Southfield, Oakland County, Michigan, 48076, USA
Listing for: Blue Chip Talent
Full Time position
Listed on 2026-01-11
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Position: IT Risk & GRC Analyst - #25437

Overview

We are seeking a Cybersecurity Risk & GRC Analyst to lead and mature our IT and cybersecurity risk management program. This role is best suited for a professional who has owned and led a cyber risk register, defined risk metrics and processes, and performed vendor and third-party security risk assessments.

This is not an audit-only role. While audits and compliance are part of the ecosystem, the primary focus is risk identification, assessment, tracking, and mitigation across the organization.

Key Responsibilities
  • Own and manage the IT/cyber risk register, including:
      • Risk methodology and scoring
      • Metrics, reporting, and dashboards
      • Risk lifecycle management and remediation tracking
  • Lead IT and cybersecurity risk assessments, documenting risks, impacts, likelihood, and treatment plans
  • Support and enhance the vendor and third-party risk management process, including:
      • Reviewing vendor security assessments
      • Mapping vendor controls to internal and external frameworks
      • Supporting cybersecurity reviews during onboarding and renewals
  • Use a GRC platform (Logic Gate) to document and track risks, controls, and assessments
  • Map risks and controls to frameworks such as NIST CSF, ISO 27001, FedRAMP, CCSK
  • Coordinate with internal teams to monitor the effectiveness of security controls
  • Contribute to the development and updates of security policies and standards (policy ownership is not required)
  • Support security incident response activities as needed (supporting role only)
  • Contribute to security and risk requirements for new systems and initiatives
  • Assist with AI risk and governance assessments, aligned to NIST CSF
Required Skills
  • 5+ years of experience in one or more information security domains, such as:
      • Vendor or third-party risk management
      • Security governance or GRC
  • Must have experience leading or owning a cyber risk register
  • Hands-on experience with vendor security assessments and control mapping
  • Strong understanding of risk frameworks and methodologies
  • Familiarity with frameworks such as NIST CSF and ISO 27001
  • Strong communication skills and experience working cross-functionally
Preferred Qualifications
  • Experience supporting Federal agency programs (e.g., FedRAMP)
  • Experience with AI governance or AI risk management
  • Experience with GRC platforms (Logic Gate or similar)
  • One or more certifications:
      • CRISC
      • CISSP
      • CCSK / CSA
Seniority level
  • Mid-Senior level
Employment type
  • Full-time
Job function
  • Analyst
Industries
  • Technology, Information and Media
