Governance Risk & Compliance Analyst Location: Lakewood, CO Work Model: Hybrid - onsite and remote ... Monitor and analyze global regulatory developments related to cybersecurity with a focus on ...
Governance Risk & Compliance Analyst Location: Lakewood, CO Work Model: Hybrid - onsite and remote ... Monitor and analyze global regulatory developments related to cybersecurity with a focus on ...
Director of Cybersecurity Governance, Risk, and Compliance
Westminster, CO ยท On-site
$143K - $225K/yr
The Director of Cybersecurity Governance, Risk, and Compliance (GRC) is accountable for designing, building, and leading enterprisewide cyber risk governance, regulatory compliance strategy, and ...
Director of Cybersecurity Governance, Risk, and Compliance
Westminster, CO ยท On-site
$143K - $225K/yr
The Director of Cybersecurity Governance, Risk, and Compliance (GRC) is accountable for designing, building, and leading enterprisewide cyber risk governance, regulatory compliance strategy, and ...
Director, Cybersecurity Governance, Risk, and Compliance (GRC)
Dallas, TX ยท On-site
$47K - $63K/yr
ATI is seeking a knowledgeable Cybersecurity professional to join our organization as the Director of Cybersecurity Governance, Risk, and Compliance (GRC) as we continue to grow our team. As a leader ...
Director, Cybersecurity Governance, Risk, and Compliance (GRC)
Dallas, TX ยท On-site
$47K - $63K/yr
ATI is seeking a knowledgeable Cybersecurity professional to join our organization as the Director of Cybersecurity Governance, Risk, and Compliance (GRC) as we continue to grow our team. As a leader ...
Director of Cybersecurity Governance, Risk, and Compliance
Westminster, CO ยท On-site
$143K - $225K/yr
The Director of Cybersecurity Governance, Risk, and Compliance (GRC) is accountable for designing, building, and leading enterprise-wide cyber risk governance, regulatory compliance strategy, and ...
Director of Cybersecurity Governance, Risk, and Compliance
Westminster, CO ยท On-site
$143K - $225K/yr
The Director of Cybersecurity Governance, Risk, and Compliance (GRC) is accountable for designing, building, and leading enterprise-wide cyber risk governance, regulatory compliance strategy, and ...
Senior Cyber Risk & Compliance Specialist
Greenwood Village, CO ยท On-site
$150K - $170K/yr
Position Summary York Space Systems is seeking a Senior Cyber Risk & Compliance Specialist to support and mature the company's cybersecurity governance, risk, and compliance programs. This individual ...
Senior Cyber Risk & Compliance Specialist
Greenwood Village, CO ยท On-site
$150K - $170K/yr
Position Summary York Space Systems is seeking a Senior Cyber Risk & Compliance Specialist to support and mature the company's cybersecurity governance, risk, and compliance programs. This individual ...
This position is ideal for an early-to-mid career cybersecurity professional seeking to develop expertise in cybersecurity governance, compliance, risk management, and defense industry cybersecurity ...
This position is ideal for an early-to-mid career cybersecurity professional seeking to develop expertise in cybersecurity governance, compliance, risk management, and defense industry cybersecurity ...
Position Summary York Space Systems is seeking a Senior Cyber Risk & Compliance Specialist to support and mature the company's cybersecurity governance, risk, and compliance programs. This individual ...
Position Summary York Space Systems is seeking a Senior Cyber Risk & Compliance Specialist to support and mature the company's cybersecurity governance, risk, and compliance programs. This individual ...
Manager, Cybersecurity Governance and Risk, New York, NY The Manager, Cybersecurity Governance and ... risk and compliance (GRC) practices and technologies across governance, process and technical ...
Manager, Cybersecurity Governance and Risk, New York, NY The Manager, Cybersecurity Governance and ... risk and compliance (GRC) practices and technologies across governance, process and technical ...
Manager, Cybersecurity Governance and Risk, Atlanta, GA The Manager, Cybersecurity Governance and ... risk and compliance (GRC) practices and technologies across governance, process and technical ...
Manager, Cybersecurity Governance and Risk, Atlanta, GA The Manager, Cybersecurity Governance and ... risk and compliance (GRC) practices and technologies across governance, process and technical ...
Director, Cybersecurity Governance, Risk, and Compliance (GRC)
Dallas, TX ยท Hybrid
$47K - $63K/yr
ATI is seeking a knowledgeable Cybersecurity professional to join our organization as the Director of Cybersecurity Governance, Risk, and Compliance (GRC) as we continue to grow our team. As a leader ...
Director, Cybersecurity Governance, Risk, and Compliance (GRC)
Dallas, TX ยท Hybrid
$47K - $63K/yr
ATI is seeking a knowledgeable Cybersecurity professional to join our organization as the Director of Cybersecurity Governance, Risk, and Compliance (GRC) as we continue to grow our team. As a leader ...
Cyber Security Governance, Risk, Compliance Manager - VP
Tampa, FL ยท Hybrid
$104K - $141K/yr
Monitor and evaluate emerging risk, internal operational trends, and external risk events for ... with cybersecurity governance model. Qualifications: * At least 10 years' experience in a ...
Cyber Security Governance, Risk, Compliance Manager - VP
Tampa, FL ยท Hybrid
$104K - $141K/yr
Monitor and evaluate emerging risk, internal operational trends, and external risk events for ... with cybersecurity governance model. Qualifications: * At least 10 years' experience in a ...
Bachelor's degree in Cybersecurity, Information Security, Information Technology, Business, or a ... Governance and risk management * Regulatory compliance * Audit and control management * Data ...
Bachelor's degree in Cybersecurity, Information Security, Information Technology, Business, or a ... Governance and risk management * Regulatory compliance * Audit and control management * Data ...
Manager, Cybersecurity Governance and Risk, Washington, DC The Manager, Cybersecurity Governance ... risk and compliance (GRC) practices and technologies across governance, process and technical ...
Manager, Cybersecurity Governance and Risk, Washington, DC The Manager, Cybersecurity Governance ... risk and compliance (GRC) practices and technologies across governance, process and technical ...
Cyber Security Governance, Risk, Compliance Manager - VP
Tempe, AZ ยท Hybrid
$106K - $143K/yr
Monitor and evaluate emerging risk, internal operational trends, and external risk events for ... with cybersecurity governance model. Qualifications: * At least 10 years' experience in a ...
Cyber Security Governance, Risk, Compliance Manager - VP
Tempe, AZ ยท Hybrid
$106K - $143K/yr
Monitor and evaluate emerging risk, internal operational trends, and external risk events for ... with cybersecurity governance model. Qualifications: * At least 10 years' experience in a ...
Bachelor's degree in Cybersecurity, Information Security, Information Technology, Business, or a ... Governance and risk management * Regulatory compliance * Audit and control management * Data ...
Bachelor's degree in Cybersecurity, Information Security, Information Technology, Business, or a ... Governance and risk management * Regulatory compliance * Audit and control management * Data ...
Director, Cybersecurity Governance, Risk, and Compliance (GRC)
Dallas, TX ยท Hybrid
$47K - $63K/yr
ATI is seeking a knowledgeable Cybersecurity professional to join our organization as the Director of Cybersecurity Governance, Risk, and Compliance (GRC) as we continue to grow our team. As a leader ...
Director, Cybersecurity Governance, Risk, and Compliance (GRC)
Dallas, TX ยท Hybrid
$47K - $63K/yr
ATI is seeking a knowledgeable Cybersecurity professional to join our organization as the Director of Cybersecurity Governance, Risk, and Compliance (GRC) as we continue to grow our team. As a leader ...
Director, Cybersecurity Governance, Risk, and Compliance (GRC)
Dallas, TX ยท Hybrid
$47K - $63K/yr
ATI is seeking a knowledgeable Cybersecurity professional to join our organization as the Director of Cybersecurity Governance, Risk, and Compliance (GRC) as we continue to grow our team. As a leader ...
Director, Cybersecurity Governance, Risk, and Compliance (GRC)
Dallas, TX ยท Hybrid
$47K - $63K/yr
ATI is seeking a knowledgeable Cybersecurity professional to join our organization as the Director of Cybersecurity Governance, Risk, and Compliance (GRC) as we continue to grow our team. As a leader ...
Manager, Cybersecurity Governance and Riskm Chicago, IL The Manager, Cybersecurity Governance and ... risk and compliance (GRC) practices and technologies across governance, process and technical ...
Manager, Cybersecurity Governance and Riskm Chicago, IL The Manager, Cybersecurity Governance and ... risk and compliance (GRC) practices and technologies across governance, process and technical ...
Cyber Security Governance, Risk, Compliance Manager - VP
Jersey City, NJ ยท Hybrid
$115K - $156K/yr
Monitor and evaluate emerging risk, internal operational trends, and external risk events for ... with cybersecurity governance model. Qualifications: * At least 10 years' experience in a ...
Cyber Security Governance, Risk, Compliance Manager - VP
Jersey City, NJ ยท Hybrid
$115K - $156K/yr
Monitor and evaluate emerging risk, internal operational trends, and external risk events for ... with cybersecurity governance model. Qualifications: * At least 10 years' experience in a ...
Manager, Cybersecurity Governance and Risk, New York, NY The Manager, Cybersecurity Governance and ... risk and compliance (GRC) practices and technologies across governance, process and technical ...
Manager, Cybersecurity Governance and Risk, New York, NY The Manager, Cybersecurity Governance and ... risk and compliance (GRC) practices and technologies across governance, process and technical ...
Cybersecurity Governance Risk Compliance information
See salary details
$23K - $34.6K
0% of jobs
$34.6K - $46.2K
0% of jobs
$46.2K - $57.8K
1% of jobs
$57.8K - $69.4K
2% of jobs
$69.4K - $81K
2% of jobs
$81K - $92.5K
8% of jobs
$99.9K is the 25th percentile. Wages below this are outliers.
$92.5K - $104.1K
18% of jobs
The median wage is $114.8K / yr.
$104.1K - $115.7K
20% of jobs
$126.9K is the 75th percentile. Wages above this are outliers.
$115.7K - $127.3K
24% of jobs
$127.3K - $138.9K
18% of jobs
$138.9K - $150.5K
6% of jobs
$23K
$113.7K
$150.5K
How much do cybersecurity governance risk compliance jobs pay per year?
What is the difference between Cybersecurity Governance Risk Compliance vs Cybersecurity Analyst?
| Aspect | Cybersecurity Governance Risk Compliance | Cybersecurity Analyst |
|---|---|---|
| Certifications | CISA, CISSP, CISM | CompTIA Security+, CISSP, CEH |
| Work Environment | Policy development, audits, compliance frameworks | Monitoring security systems, incident response |
| Employer & Industry Usage | Organizations with compliance needs, regulatory bodies | IT security teams, cybersecurity firms |
While Cybersecurity Governance Risk Compliance focuses on establishing policies, ensuring regulatory adherence, and managing risks, Cybersecurity Analysts primarily monitor security systems, analyze threats, and respond to incidents. Both roles are essential in a comprehensive cybersecurity strategy but differ in scope and daily responsibilities.
What are the key skills and qualifications needed to thrive as a Cybersecurity Governance, Risk, and Compliance (GRC) professional, and why are they important?
What are some typical challenges faced by professionals in Cybersecurity Governance, Risk, and Compliance (GRC) roles?
What is Cybersecurity Governance, Risk, and Compliance (GRC)?
- Entry Level Governance Risk Compliance
- Compliance Risk Analyst
- Governance Risk Compliance Manager
- Entrylevel Governance Risk Compliance
- Governance Risk Compliance
- Governance Risk And Compliance Analyst
- Freelance Governance Risk Compliance
- Overnight Governance Risk Compliance
- It Risk Compliance
- Governance Risk Compliance Analyst

Contractor
Medical, Dental, Vision, Life, Retirement
Posted 16 days ago
Job description
Job Title: Governance Risk & Compliance Analyst Location: Lakewood, CO Work Model: Hybrid โ onsite and remote Overview System One is seeking a GRC Analyst for an opportunity in Lakewood, CO. The GRC Analyst is a member of the Governance, Risk & Compliance function within the Global Information Security Office and supports the implementation of company?wide security governance, risk management, and compliance programs. Under the direction of the GRC Functional Leader, the analyst contributes to policy development, risk oversight, and continuous improvement of the organizationโs security posture. The role also works closely with regional Information Security Officers (ISOs) and cross?functional teams to support the deployment of global standards and local regulatory requirements. Responsibilities
- Support information security risk assessments for new projects, systems, and business processes.
- Assist in conducting internal control reviews (e.g., J?SOX), preparing audit materials, and coordinating responses to internal and external auditors.
- Track and follow up on remediation actions to ensure timely closure of identified risks.
- Contribute to drafting, updating, and maintaining global information security policies, standards, and procedures.
- Review relevant laws, regulations, and industry frameworks (e.g., ISO 27001, NIS2) and incorporate stakeholder feedback into documentation.
- Support the rollout and implementation of policies across regions.
- Monitor adherence to security and regulatory requirements, including ISO 27001, NIS2, and GDPR.
- Collect and organize compliance evidence, track corrective actions, and support certification and regulatory readiness efforts such as ISO 27001/42001 and NIS2 programs.
- Conduct third party security risk assessments by distributing questionnaires, analyzing responses, verifying controls, and documenting results in the GRC tracking systems.
- Identify and escalate high risk findings to the GRC Functional Leader and support follow up mitigation activities.
- Participate in the planning and implementation of security awareness programs for all associates.
- Create e-learning materials and training materials, conduct phishing email exercises, and distribute disseminated content on internal portals.
- Monitor and analyze global regulatory developments related to cybersecurity with a focus on industrial control systems (ICS), IT environments, and critical infrastructure.
- Assist in evaluating how new or updated regulations (e.g., NIS2, FDA cybersecurity expectations, industrial cybersecurity standards, or country specific critical infrastructure laws) impact company operations.
- Track emerging obligations, document requirements, and support gap assessments to ensure timely compliance.
- Assist in the preparation, maintenance, and continuous improvement of the CISO Dashboard by collecting, validating, and analyzing security metrics across the Global GRC function.
- Compile key performance indicators (KPIs) and key risk indicators (KRIs) related to compliance status, audit findings, supplier risk, incident trends, training completion, regulatory readiness, and other relevant security domains.
- Support the visualization and communication of security posture to senior leadership by ensuring data accuracy, timely updates, and clarity in reporting.
- Support the development and enforcement of governance controls for the secure use of artificial intelligence technologies across the organization.
- Identify risks related to AI systemsโsuch as model security, algorithmic integrity, and misuseโand contribute to risk assessments and mitigation plans.
- Help evaluate third party AI tools.
- Support the development and improvement of GRC processes, tools, and documentation to enhance operational efficiency and standardization.
- Assist in preparing reports, presentations, and materials for leadership reviews, steering committees, and cross functional meetings.
- Participate in internal security projects and initiatives, including process automation, metrics development, and enhancements to governance workflows.
- Provide coordination and administrative support for security committees, working groups, and regional GRC activities.
- Perform additional duties as assigned to support the Global Information Security Office and the broader GRC program.
- 3 to 5+ years of experience in information security, governance, risk management, compliance, IT audit, or a related discipline.
- Experience supporting security programs in global or regulated environments is a plus.
- Understanding of global and regional information security regulations (e.g., data protection laws, cybersecurity requirements) and familiarity with security frameworks such as ISO 27001.
- Knowledge of internal control frameworks (e.g., JSOX) and IT governance practices is highly desirable.
- Experience supporting audit activities is preferred.
- Experience with risk assessment methodologies, control evaluation, and vulnerability or issue management processes.
- Strong analytical and problem-solving skills, with the ability to identify risks, assess impacts, and support the development and tracking of corrective actions.
- Ability to communicate security requirements, policies, and audit findings clearly and persuasively with stakeholders across regions and business units.
- Strong coordination skills to build consensus and drive compliance.
- Industry certifications such as CISSP, CISA, CISM, ISO 27001 Lead Implementer/Auditor, or similar are preferred but not required.
- Bachelorโs degree in information security, Cybersecurity, Information Systems, Computer Science, or a related field; or equivalent professional experience.
- Familiarity with governance, risk, and compliance tools (e.g., BitSight, Drata, OneTrust, Archer, or similar) for managing risks, audits, and compliance workflows.
- Working knowledge of cybersecurity concepts such as identity and access management, endpoint protection, vulnerability management, cloud security, and secure system design.
- Experience supporting cross-functional security or compliance initiatives, including requirements gathering, documentation, and progress tracking.
- Ability to interpret risk metrics, compliance data, and audit results.
- Experience with dashboards, KPI/KRI reporting, or data visualization tools is a plus.
- Awareness of emerging cybersecurity regulations (e.g., NIS2, AI governance frameworks, critical infrastructure rules) and their potential impact on enterprise operations.
System One, and its subsidiaries including Joulรฉ and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan. System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law. #M-1 #LI-SG1 Ref: #558-Scientific