1

Cybersecurity Grc Jobs (NOW HIRING)

The Cybersecurity GRC Analyst works closely with IT, Internal Audit, Compliance, Procurement, and business stakeholders to help ensure cybersecurity requirements are defined, documented, assessed ...

Director, Cybersecurity & GRC

Berkeley, CA · On-site

$199K - $293K/yr

Role Description As Form Energy matures and scales, the Director of Cybersecurity & GRC builds and leads our cybersecurity and IT governance, risk, and compliance programs. This is a CISO-track ...

Senior Cybersecurity GRC Analyst Position Description : Protingent Staffing has an exciting contract Senior Cybersecurity GRC Analystwith our client located in San Jose, CA. Job Responsibilities:

Cybersecurity GRC Compliance Lead

Chicago, IL · On-site

$114K - $154K/yr

The Cybersecurity GRC Compliance Lead will act as a subject matter expert in delivering compliance and assurance initiatives, coordinating cyber controls information, and engaging with stakeholders ...

next page

Showing results 1-20

Cybersecurity Grc information

See salary details

$38.5K

$58.2K

$87K

How much do cybersecurity grc jobs pay per year?

As of Jul 7, 2026, the average yearly pay for cybersecurity grc in the United States is $58,171.00, according to ZipRecruiter salary data. Most workers in this role earn between $48,000.00 and $64,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by professionals in Cybersecurity GRC roles, and how can they be addressed?

Professionals in Cybersecurity GRC (Governance, Risk, and Compliance) often encounter challenges such as keeping up with evolving regulatory requirements, balancing business objectives with security mandates, and fostering collaboration between IT, legal, and business teams. These challenges can be addressed by staying current with industry standards, utilizing automated tools for compliance tracking, and building strong communication channels across departments. Proactively engaging stakeholders and fostering a culture of security awareness also play a crucial role in overcoming these obstacles and ensuring effective risk management.

What is Cybersecurity GRC?

Cybersecurity GRC stands for Governance, Risk, and Compliance in the context of cybersecurity. It involves establishing frameworks and processes to ensure an organization's information security aligns with business objectives, regulatory requirements, and risk management strategies. Professionals in this field help identify and manage security risks, create policies and controls, and ensure compliance with laws and standards such as GDPR, HIPAA, or ISO 27001. The goal of Cybersecurity GRC is to protect the organization’s digital assets while enabling responsible growth and innovation.

What are the key skills and qualifications needed to thrive as a Cybersecurity GRC (Governance, Risk, and Compliance) professional, and why are they important?

To thrive as a Cybersecurity GRC professional, you need a solid understanding of cybersecurity frameworks, risk management principles, and regulatory compliance, often supported by a degree in information security or a related field. Familiarity with tools like GRC platforms (e.g., RSA Archer, ServiceNow), as well as certifications such as CISSP, CISM, or CRISC, is typically required. Strong analytical skills, attention to detail, and effective communication are crucial soft skills for collaborating with stakeholders and translating technical risks into business implications. These competencies ensure organizations can proactively manage cyber risks, meet regulatory requirements, and maintain trust with clients and partners.

Is GRC in high demand?

Cybersecurity GRC (Governance, Risk, and Compliance) professionals are in high demand due to increasing cybersecurity regulations and the need for organizations to manage risks effectively. Employers seek candidates with knowledge of compliance frameworks, risk management, and security policies, often requiring certifications like CISA or CISSP. The role offers strong job growth prospects across various industries as cybersecurity threats continue to evolve.

What is the difference between Cybersecurity Grc vs Cybersecurity Analyst?

AspectCybersecurity GrcCybersecurity Analyst
CertificationsISO 27001, CISSP, CISACompTIA Security+, CEH, CISSP
Work EnvironmentPolicy development, risk management, complianceThreat detection, incident response, vulnerability assessment
Employer & Industry UsageOrganizations focusing on governance and complianceSecurity operations centers, IT departments

Cybersecurity Grc professionals focus on establishing policies, managing risks, and ensuring compliance with regulations. In contrast, Cybersecurity Analysts primarily monitor security systems, analyze threats, and respond to incidents. While both roles require similar certifications and work within the cybersecurity field, Grc roles are more strategic and policy-oriented, whereas Analysts are more technical and operational.

Can you make $200,000 in cyber security?

Cybersecurity GRC (Governance, Risk, and Compliance) professionals can potentially earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP or CISA, and leadership roles such as security managers or directors. Salary levels vary based on industry, location, and company size, with senior positions often reaching or exceeding this threshold.

What is the role of GRC in cybersecurity?

In cybersecurity, GRC (Governance, Risk Management, and Compliance) professionals develop and implement policies to ensure organizations meet security standards, manage risks, and comply with regulations. They use frameworks like ISO 27001 and tools such as risk assessments and audits to protect information assets and support security strategies.

How much do cyber GRC specialists make?

Cybersecurity GRC (Governance, Risk, and Compliance) specialists typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Senior roles or those with advanced certifications like CISSP or CISA can earn higher salaries, especially in larger organizations or high-demand markets.
More about Cybersecurity Grc jobs
What cities are hiring for Cybersecurity Grc jobs? Cities with the most Cybersecurity Grc job openings:
What are the most commonly searched types of Cybersecurity Grc jobs? The most popular types of Cybersecurity Grc jobs are:
What states have the most Cybersecurity Grc jobs? States with the most job openings for Cybersecurity Grc jobs include:
Infographic showing various Cybersecurity Grc job openings in the United States as of July 2026, with employment types broken down into 92% Full Time, 5% Part Time, and 3% Contract. Highlights an 79% Physical, 5% Hybrid, and 16% Remote job distribution, with an average salary of $58,171 per year, or $28 per hour.

Cyber Security GRC Analyst

LIPAPRD

Old Bethpage, NY • Hybrid

Other

Medical, Dental, Vision, Life, Retirement, PTO

Posted 6 days ago


Job description

Requisition:  82464

PSEG Company:  PSEG Long Island

Salary Range: $ 93,600 - $ 148,200

Work Location Category: Hybrid Fixed

We're one of the country's largest energy companies, with a vision of powering a future where people use energy more efficiently and it's safer and delivered more reliably than ever. We're also deeply connected to the communities we serve, with more than 13,000 employees working together to support our customers and make a difference every day.

Here, you'll have the stability and exciting opportunities that come with being a Fortune 500 company - along with a supportive, friendly work environment where your contributions are valued. We know life isn't one-size-fits-all, and neither is work. That's why we offer flexible work options depending on the role. 
In support of this model, roles have been categorized into one of three work location categories:
1. Onsite - roles where employees are expected to be onsite daily.
2. Hybrid fixed - roles that are a mix of remote work and onsite work fixed days each week.
3. Hybrid flexible - roles that are a mix of remote work and onsite work, but the onsite requirements have greater flexibility. (i.e. 5-8 days a month vs. set days each week).

As an employee, if you are regularly scheduled to work 20 or more hours per week, you will have access to a wide range of comprehensive benefits designed to support your total well-being: medical, dental, vision, paternal leave and family leave programs, behavioral health programs, 401(k) with company match, life insurance, tuition reimbursement, and generous paid time off.

More than 13,000 people already call PSEG their work home, taking pride in providing safe, reliable service to millions of customers. If you're looking for a place where you can build a meaningful career and help power and support our communities, we'd love to welcome you to the team.

PSEG is not offering visa sponsorship for this position.

Job Summary

This position supports the organization's cybersecurity governance, risk, and compliance program through governance oversight, policy lifecycle management, standards alignment, risk and control assessments, audit coordination, compliance validation, issue remediation tracking, third-party risk review, and executive reporting and documentation.

The Cybersecurity GRC Analyst works closely with IT, Internal Audit, Compliance, Procurement, and business stakeholders to help ensure cybersecurity requirements are defined, documented, assessed, and monitored across the enterprise. This role is responsible for supporting the maintenance of cybersecurity policies and standards, conducting and documenting risk assessments, evaluating control effectiveness, coordinating audit and compliance activities, tracking remediation efforts, and preparing clear reporting for management and leadership.

Job Responsibilities
  • Support governance oversight activities for the cybersecurity program across the enterprise.
  • Maintain and support policy lifecycle management, including the review, update, and communication of cybersecurity policies, standards, procedures, and related documentation.
  • Assist with standards alignment to applicable requirements, contractual obligations, and recognized cybersecurity frameworks.
  • Perform and document risk and control assessments for systems, applications, vendors, projects, and business processes.
  • Identify control gaps, document findings, and support risk treatment planning with business and technical stakeholders.
  • Assist with control documentation and control testing to evaluate design and operating effectiveness.
  • Provide audit coordination support for internal audits, external audits, and regulatory assessments, including evidence gathering, response tracking, and issue follow-up.
  • Support compliance validation activities to confirm required controls, processes, and documentation are in place and operating as intended.
  • Support third-party risk review activities, including security questionnaires, documentation review, assessment follow-up, and findings management.
  • Maintain risk registers, issue logs, exception records, remediation plans, and supporting documentation.
  • Perform issue remediation tracking and follow up with stakeholders to support timely closure of findings, gaps, and action items.
  • Prepare executive reporting and documentation related to risk posture, compliance status, audit results, remediation progress, control maturity, and key metrics.
  • Support governance committees, risk discussions, and management reporting through accurate and organized documentation.
  • Contribute to continuous improvement of GRC processes, templates, reporting, and governance practices.
Job Specific Qualifications
  • Bachelors degree  in Cybersecurity, Information Systems, Computer Science, Business, Risk Management or related discipline.
  • With four (4) or more years of experience in cybersecurity governance, risk, compliance, IT audit, internal controls, or related field.
  • Candidates without a degree who have 8 years of experience in cyber security governance risk and compliance will be considered.
  • Proficiency with Cyber GRC technologies (such as ServiceNow, Archer, RSAM, etc.)
  • Background supporting governance oversight, policy lifecycle management, and standards alignment activities.
  • Track record performing risk and control assessments and documenting findings, recommendations, and remediation actions.
  • History of supporting control testing, audit coordination, and compliance validation activities.
  • Direct involvement with third-party risk review, vendor assessment support, or related due diligence functions.
  • Familiarity with issue remediation tracking, exception management, and reporting processes.
  • Advanced analytical, organizational, reporting, and documentation skills.
  • Excellent written and verbal communication skills with the ability to work effectively with technical and non-technical stakeholders.
  • Ability to manage multiple priorities, maintain detailed records, and work independently with limited supervision.

Desired:

  • Working knowledge of cybersecurity frameworks and control standards such as NIST CSF, NIST SP 800-53, ISO 27001, and CIS Controls.
  • Cybersecurity certification such as Security+, CISSP, CISA

Please Note the Following:

  • This position falls under the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) and requires NERC CIP background investigation prior to start.

Some positions at PSEG require access to information covered by the Department of Energy's regulation 10 CFR 810 (Part 810). If applicable, the successful applicant must prove they are: (1) a citizen or national of the USA; OR (2) a lawful permanent resident of the United States (Non-Conditional Permanent I-551 / Green Card / Permanent Resident Card holder); OR (3) a citizen, national, or permanent resident of a "Generally Authorized" destination on the attached list and not also a citizen, national, permanent resident of any country not listed; OR (4) a "Protected Individual" under the Immigration and Naturalization Act (8 U.S.C 1324b(a)(3)).


As an employee of PSEG Long Island, you should be aware that during storm/outage restoration efforts, you may be required to perform functions different from normal operations and work extended hours beyond your regular work schedule. You may also be required to work on premise or in an alternate location as directed by the company.

For all roles, PSEGLI's drug and alcohol testing program includes pre-employment testing, testing for cause, and post-incident/accident testing. 
Employees who are hired or transfer into a federally regulated role (including positions covered by USDOT, PHMSA, or NRC regulations) are subject to random drug and alcohol testing, inclusive of marijuana. Although numerous states throughout the country have legalized marijuana/cannabis products recreationally and medically, the use of these products are prohibited for employees in federally regulated roles. Please note that the use of CBD products may result in a positive drug test for THC/Marijuana and such use is not a legitimate medical explanation for a positive result.


If you are a current PSEG employee and offered an opportunity with PSEG Long Island, you will be treated as a new hire.  Please note that as a new hire to the Long Island subsidiary, your benefits will change and generally will be consistent with other similarly situated PSEG Long Island new hires.  Similarly, for PSEG Long Island employees who accept job opportunities with PSEG or any of its subsidiaries (other than PSEG Long Island), their benefits will change and generally be consistent with other similarly situated new hires of that company. 


PSEGLI is an equal opportunity employer, dedicated to a policy of non-discrimination in employment, including the hiring process, based on any legally protected characteristic. Legally protected characteristics include race, color, religion, national origin, sex, age, marital status, sexual orientation, disability or veteran status or any other characteristic protected by federal, state, or local law in locations where PSEG employs individuals. 
PSEGLI is committed to providing reasonable accommodations to individuals with disabilities.  If you have a disability and need assistance applying for a position, please call 973-430-3845 or email accommodations@pseg.com.
If you need to request a reasonable accommodation to perform the essential functions of the job, email accommodations@pseg.com.  Any information provided regarding a disability will be kept strictly confidential and will not be shared with anyone involved in making a hiring decision.


ADDITIONAL EEO INFORMATION (Click link below)
Know your Rights: Workplace Discrimination is Illegal