Cybersecurity GRC Jobs (NOW HIRING)

Cybersecurity Senior GRC Analyst

Denver, PA · On-site

$96K - $123K/yr

The GRC Cybersecurity Senior Analyst will report directly to the Global Cybersecurity Risk Manager. This role involves collaborating with cross-functional teams to design, implement, and maintain ...

Cybersecurity GRC information

How much do cybersecurity GRC jobs pay per year?

As of Jun 15, 2026, the average yearly pay for cybersecurity GRC in the United States is $58,171.00, according to ZipRecruiter salary data. Most workers in this role earn between $48,000.00 and $64,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by professionals in Cybersecurity GRC roles, and how can they be addressed?

Professionals in Cybersecurity GRC (Governance, Risk, and Compliance) often encounter challenges such as keeping up with evolving regulatory requirements, balancing business objectives with security mandates, and fostering collaboration between IT, legal, and business teams. These challenges can be addressed by staying current with industry standards, utilizing automated tools for compliance tracking, and building strong communication channels across departments. Proactively engaging stakeholders and fostering a culture of security awareness also play a crucial role in overcoming these obstacles and ensuring effective risk management.

What is Cybersecurity GRC?

Cybersecurity GRC stands for Governance, Risk, and Compliance in the context of cybersecurity. It involves establishing frameworks and processes to ensure an organization's information security aligns with business objectives, regulatory requirements, and risk management strategies. Professionals in this field help identify and manage security risks, create policies and controls, and ensure compliance with laws and standards such as GDPR, HIPAA, or ISO 27001. The goal of Cybersecurity GRC is to protect the organization’s digital assets while enabling responsible growth and innovation.

What are the key skills and qualifications needed to thrive as a Cybersecurity GRC (Governance, Risk, and Compliance) professional, and why are they important?

To thrive as a Cybersecurity GRC professional, you need a solid understanding of cybersecurity frameworks, risk management principles, and regulatory compliance, often supported by a degree in information security or a related field. Familiarity with tools like GRC platforms (e.g., RSA Archer, ServiceNow), as well as certifications such as CISSP, CISM, or CRISC, is typically required. Strong analytical skills, attention to detail, and effective communication are crucial soft skills for collaborating with stakeholders and translating technical risks into business implications. These competencies ensure organizations can proactively manage cyber risks, meet regulatory requirements, and maintain trust with clients and partners.

Is GRC in high demand?

Cybersecurity GRC (Governance, Risk, and Compliance) professionals are in high demand due to increasing cybersecurity regulations and the need for organizations to manage risk effectively. Employers seek candidates with knowledge of compliance frameworks, risk management, and security policies, often requiring certifications like CISA or CISSP. The role offers strong job growth prospects across various industries as cybersecurity threats continue to evolve.

What is the difference between Cybersecurity GRC and Cybersecurity Analyst?

| Aspect | Cybersecurity GRC | Cybersecurity Analyst |
| --- | --- | --- |
| Certifications | ISO 27001, CISSP, CISA | CompTIA Security+, CEH, CISSP |
| Work Environment | Policy development, risk management, compliance | Threat detection, incident response, vulnerability assessment |
| Employer & Industry Usage | Organizations focusing on governance and compliance | Security operations centers, IT departments |

Cybersecurity GRC professionals focus on establishing policies, managing risks, and ensuring compliance with regulations. In contrast, Cybersecurity Analysts primarily monitor security systems, analyze threats, and respond to incidents. While both roles require similar certifications and work within the cybersecurity field, GRC roles are more strategic and policy-oriented, whereas Analysts are more technical and operational.

Can you make $500,000 a year in cyber security?

Cybersecurity GRC (Governance, Risk, and Compliance) professionals can potentially earn $500,000 annually at senior levels or in executive roles such as Chief Information Security Officer (CISO), especially with extensive experience, certifications like CISSP or CISA, and leadership responsibilities. Achieving this income typically requires a combination of advanced skills, strategic oversight, and working in high-demand industries or organizations with large security budgets.

Is GRC an entry level job?

Cybersecurity GRC (Governance, Risk, and Compliance) roles can be entry-level, especially for positions focused on policy, documentation, and compliance tasks. However, more advanced GRC roles often require prior experience, certifications like CISA or CISSP, and knowledge of security frameworks. Entry-level positions typically involve supporting senior staff and learning industry standards.

How much does a cyber GRC specialist make?

A cybersecurity GRC (Governance, Risk, and Compliance) specialist typically earns between $70,000 and $130,000 annually, depending on experience, certifications, and location. Entry-level roles may start lower, while experienced professionals with certifications like CISSP or CISA can earn higher salaries, often with opportunities for bonuses and benefits.
Infographic showing various Cybersecurity GRC job openings in the United States as of June 2026, with employment types broken down into 95% Full Time, 3% Part Time, and 2% Contract. Highlights a 77% Physical, 9% Hybrid, and 14% Remote job distribution, with an average salary of $58,171 per year, or $28 per hour.

Cybersecurity GRC Specialist II

Kirkland & Ellis LLP.

Chicago, IL • On-site

Full-time

Medical, Retirement, PTO

Posted 8 days ago


Job description

About Kirkland & Ellis
At Kirkland & Ellis, we don't just meet the standard for legal excellence - we set it. Our culture is built on teamwork, ingenuity and an unwavering commitment to continuous growth. We tackle the most sophisticated legal challenges with bold ideas and innovative solutions, powered by the exceptional experience and ambition of our 7,000+ people, including 4,000+ attorneys, across 23 offices worldwide. Our dedicated professionals share our lawyers' commitment to excellence and show up each day to do meaningful work that helps drive global business, investment and innovation forward.
What You'll Do
Are you driven to strengthen security programs, reduce risk, and help organizations meet evolving cybersecurity expectations?
As a Security GRC Specialist II, you'll be a key member of the Governance, Risk, and Compliance (GRC) team, leading and executing core GRC programs while serving as a trusted Information Security subject matter expert. This role blends strategic oversight with hands-on execution, partnering with technical teams, business stakeholders, clients, and vendors to ensure security controls, policies, and risk practices are effective, compliant, and clearly communicated.
  • Client & Third-Party Assessments: Lead responses to client security assessments, questionnaires, and audits, documenting evidence and performing risk assessments as needed.
  • Policy & Standards Management: Create, maintain, and evolve security policies, standards, guidelines, and supporting documentation through strong technical writing.

  • Risk & Compliance Assurance: Manage and support processes that ensure Information Technology (IT) systems meet cybersecurity, risk, and compliance requirements.

  • Security Consulting & SME Support: Serve as an Information Security subject matter expert, advising technical and non-technical stakeholders across the organization.

  • Vendor Risk Management: Manage the third-party Security Vendor Risk Management program, including assessments, remediation tracking, and lifecycle oversight.

  • Exception & Risk Treatment: Oversee the security exception request process and provide guidance on appropriate risk treatment decisions.

  • Security Awareness Program: Manage the full lifecycle of the Security Awareness program, including roadmap development, training evaluation, and effectiveness measurement.

  • GRC Platform Administration: Support and optimize Governance, Risk, and Compliance (GRC) technology platforms and associated workflows.

  • Controls & Compliance Evaluations: Conduct evaluations of IT programs and components to confirm alignment with published security standards and frameworks.

What You'll Bring
  • Education: Bachelor's degree or equivalent with five (5) years of work experience in IT Security is required.
  • Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), Advanced in AI Audit (AAIA), Advanced in AI Risk (AAIR), Advanced in AI Security Management (AAISM) or other relevant training and certifications are preferred.
  • Information Security Experience: Four (4) or more years of Information Security experience, with hands-on technical experience strongly preferred.
  • Framework & GRC Knowledge: Strong working knowledge of security frameworks and standards such as ISO 27001, National Institute of Standards and Technology (NIST), System and Organization Controls (SOC), and Standardized Information Gathering (SIG) is required.
  • AI Risk: Experience in Artificial Intelligence (AI) governance, security, and risk management is required.
  • Technical Writing & Communication: Proven ability to produce clear, well-structured security documentation and communicate complex technical topics to varied audiences.
  • Risk & Vendor Management Skills: Experience leading risk assessments, vendor security reviews, and client-facing security discussions with professionalism and tact.
  • GRC Tools & Technologies: Familiarity with GRC platforms, role-based access controls, and a broad range of security technologies and tools.
  • Analytical & Organizational Strength: Strong problem-solving, project management, and time management skills with the ability to work independently or collaboratively.
  • Technical Acumen: Working knowledge of areas such as authentication, encryption, firewalls, SIEM, intrusion detection/prevention, vulnerability management, mobile security, and privileged access management.
  • Collaboration & Professionalism: Client-focused mindset with strong interpersonal skills, attention to detail, and a commitment to maintaining accurate records and documentation.

Compensation
The base salary range below represents the low and high end of the salary range for this position in Chicago. This range may differ based on your geographic location and cost of living considerations. At Kirkland & Ellis, we consider compensation more than just a base salary. We offer an exceptional range of flexible benefits including comprehensive healthcare, paid time off, and retirement. We also offer personal support and tailored learning and development opportunities all designed to help you realize your full potential both in life and at work.
Compensation Range:
Chicago: $116,000 - $144,000
How to Apply
Thank you for your interest in Kirkland & Ellis LLP. To complete an application and submit your resume, please click "Apply Now."
Don't meet every job requirement? That's okay! If you're excited about this role but your experience doesn't perfectly fit every qualification, we encourage you to apply anyway. You may be just the right person for this role or others at Kirkland.
Equal Employment Opportunity
All employment decisions, including the recruiting, hiring, placement, training availability, promotion, compensation, evaluation, disciplinary actions, and termination of employment (if necessary) are made without regard to the employee's race, color, creed, religion, sex, pregnancy or childbirth, personal appearance, family responsibilities, sexual orientation or preference, gender identity, political affiliation, source of income, place of residence, national or ethnic origin, ancestry, age, marital status, military veteran status, unfavorable discharge from military service, physical or mental disability, or on any other basis prohibited by applicable law.