1

Governance Risk Compliance Analyst Jobs (NOW HIRING)

Robert Half is seeking an experienced AI Risk & Compliance Analyst to support the intake ... This is a hands-on role for a practitioner with direct experience in AI governance, AI risk ...

Knowledge of Governance, Risk, and Compliance (GRC) and Audit practices and experience with ... Exceptional analytical, investigative, and problem-solving skills * High integrity with the ability ...

Our Client, a Global Services and Media company, is looking for an AI Risk & Compliance Analyst for ... Support alignment with AI governance standards and regulatory expectations, and sector specific ...

next page

Showing results 1-20

Governance Risk Compliance Analyst information

See salary details

$15

$40

$65

How much do governance risk compliance analyst jobs pay per hour?

As of Jul 11, 2026, the average hourly pay for governance risk compliance analyst in the United States is $40.49, according to ZipRecruiter salary data. Most workers in this role earn between $29.81 and $49.28 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Governance Risk Compliance Analyst, and why are they important?

To thrive as a Governance Risk Compliance (GRC) Analyst, you need a solid understanding of risk management, regulatory frameworks, and auditing, typically supported by a degree in business, finance, or a related field. Familiarity with GRC software platforms (like RSA Archer or MetricStream), as well as certifications such as CISA or CRISC, are commonly required. Analytical thinking, attention to detail, and excellent communication skills help you navigate complex regulations and collaborate with various stakeholders. These competencies ensure organizations maintain compliance, manage risks effectively, and uphold strong corporate governance.

What are some common challenges faced by Governance Risk Compliance Analysts when implementing new compliance frameworks?

Governance Risk Compliance (GRC) Analysts often encounter challenges such as ensuring organization-wide adoption of new compliance policies, interpreting evolving regulations, and integrating compliance requirements into existing business processes. They must frequently collaborate with multiple departments, which can involve aligning different stakeholders’ priorities and addressing resistance to change. Successfully navigating these challenges requires strong communication skills, the ability to translate complex regulations into practical steps, and a proactive approach to continuous training and awareness.

What does a governance risk and compliance analyst do?

A governance risk and compliance analyst evaluates an organization’s policies, procedures, and controls to ensure adherence to legal and regulatory requirements. They identify potential risks, develop mitigation strategies, and monitor compliance using tools like audit software, often supporting risk management frameworks and reporting processes.

What is the difference between Governance Risk Compliance Analyst vs Compliance Analyst?

AspectGovernance Risk Compliance AnalystCompliance Analyst
CertificationsISO 31000, CRISC, CISAISO 37001, CCEP, CIA
Work EnvironmentCorporate, financial, or regulatory settingsVarious industries, including healthcare, finance, and manufacturing
Primary FocusRisk management, governance frameworks, compliance policiesEnsuring adherence to laws, regulations, and standards

The Governance Risk Compliance Analyst primarily focuses on establishing and maintaining risk management and governance frameworks within organizations, while the Compliance Analyst concentrates on ensuring adherence to specific laws and regulations. Both roles require similar certifications and often work in corporate environments, but their core responsibilities differ in scope and focus.

Is GRC an entry level job?

Governance, Risk, and Compliance (GRC) analyst roles can be entry-level or require some experience, depending on the organization. Entry-level positions typically focus on supporting compliance activities and may require basic knowledge of regulations and tools like audit software, while more advanced roles may need certifications or prior experience in risk management or governance frameworks.

What is the salary of governance risk compliance?

The salary of a Governance Risk Compliance (GRC) Analyst typically ranges from $60,000 to $110,000 annually, depending on experience, location, and industry. Entry-level positions may start lower, while experienced professionals with certifications like CISA or CRISC can earn higher salaries. Salaries often include benefits such as health insurance and retirement plans.

What does a Governance Risk Compliance (GRC) Analyst do?

A Governance Risk Compliance (GRC) Analyst is responsible for ensuring an organization adheres to regulatory requirements, internal policies, and risk management best practices. They identify potential risks, evaluate the effectiveness of existing controls, and recommend improvements to mitigate risks. GRC Analysts also help develop and maintain compliance frameworks, conduct audits, and provide training to staff on compliance matters. Their work helps protect organizations from legal penalties, reputational damage, and operational disruptions.

Is governance risk and compliance a good career?

Governance, Risk, and Compliance (GRC) analysts play a key role in helping organizations manage regulatory requirements, security policies, and risk mitigation. The field offers steady demand, opportunities for certification such as CISA or CRISC, and potential for career advancement in various industries. It is suitable for individuals with strong analytical skills, attention to detail, and knowledge of compliance frameworks like ISO, GDPR, or SOX.
More about Governance Risk Compliance Analyst jobs
What cities are hiring for Governance Risk Compliance Analyst jobs? Cities with the most Governance Risk Compliance Analyst job openings:
Security Governance, Risk, Compliance Analyst

Security Governance, Risk, Compliance Analyst

CYNET SYSTEMS

San Jose, CA • On-site

Contractor

Posted 10 days ago


Job description

Job Overview:

Requirement/Must Have:

  • 4+ years working in governance, risk and compliance and/or information security and risk management.
  • Functional knowledge of some CISSP security domains and information security industry standard and best practices.
  • Functional knowledge of applicable security regulatory requirements (SOX, GDPR, AI Act).
  • Functional knowledge of ISMS governance models (i.e. ISO 27001, NIST, CAIQ), information security roles, security controls.
  • Functional knowledge of common security certifications (i.e. ISO 27001, ISO 42001, SOC1, SOC2) and ability to glean significance from findings identified in these reports.
  • Ability to communicate risk methodologies and concepts to business units and IT teams.
  • Demonstrated experience with controls definition, development, implementation and assessment.
  • Hands-on experience building or customizing AI/automation solutions, including LLM-based workflows, agents, or copilots, API integrations, scripting (e.g., Python), or low-code platforms.
  • Ability to translate GRC use cases into scalable automation solutions.
  • Understanding of AI risks, controls, and governance frameworks (ISO 42001, AI Act).
  • Strong interpersonal skills and ability to work effectively with diverse and distributed teams.
  • Strong attention to detail, project management and organizational skills.
  • Self-starter with the ability to effectively manage independent workloads asynchronously with stakeholders across multiple time zones.

Responsibilities:

  • Support the GRC operating model and the service-oriented customer engagement model.
  • Support GRC capabilities, such as enterprise security risk management, compliance and audit management, policy management, security awareness training, third party risk management, and metrics and reporting.
  • Assist to manage security compliance programs and activities that support various compliance regulations.
  • Perform risk assessments that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
  • Collaborate with various operational and business teams to complete assessments and drive remediation items to closure. Maintain accurate reporting of remediation activities to bring appropriate visibility to stakeholders and leadership.
  • Monitor the security risk profiles and events of suppliers to objectively determine high risk suppliers that require additional review and treatment plans.
  • Design, build, and deploy AI-powered solutions (including agents) to scale GRC processes including but not limited to Security questionnaires, Risk assessments, Evidence collection and control testing.
  • Develop automated workflows and pipelines using APIs, scripting, or low-code platforms.
  • Apply LLMs/NLP to analyze policies, audit findings, and regulatory requirements.
  • Extract insights from large GRC datasets to build and maintain AI-driven risk scoring and prioritization models.
  • Partner with security, engineering, and data teams to productionize AI use cases.
  • Ensure secure, compliant, and governed use of AI aligned with ISO 42001 and EU AI Act.
  • Establish and maintain security metrics and reporting including automating KRI/KPI generation and reporting pipelines, deliver real-time visibility into security risk posture that aligns with operational/business risk areas and corporate risk.
  • Measure and report efficiency gains from automation (time saved, coverage increased, etc.).
  • Respond to customer security/compliance questionnaires.
  • Act as security risk management ambassador to internal customers.

Founded in 2010 and headquartered in the Washington, DC metro area, Cynet Systems Inc. is a leading staffing and recruiting powerhouse. Proudly recognized as a nationally and locally certified diversity firm, Cynet delivers agile, scalable talent solutions across industries. With an active footprint in all 50 U.S. states and Canada, we support thousands of consultants through our expansive, high-performing recruitment engine operating across North America and Asia—ensuring speed, quality, and consistency in every hire.

Cynet Systems logo

About Cynet Systems

Sourced by ZipRecruiter

Cynet Systems Inc is a staffing and recruiting corporation nestled in Ashburn, VA, USA. Established in 2010, the company operates within the Information Technology and Services sector, specializing in providing effective workforce solutions to different business needs, including IT consulting, direct hire, and contract staffing services. Through the years, Cynet Systems has built an impressive portfolio, going beyond borders and expanding its operations internationally in Canada and India. Rooted in its core values of teamwork, leadership, and commitment, Cynet Systems helps businesses unlock their full potential by providing versatile and competent professionals that perfectly align with their needs. Fueled by their unwavering mission to deliver top-tier talent to businesses worldwide, Cynet Systems garnered various recognitions including SIA's fastest-growing staffing firms and Best Place to Work in Virginia for 2019.

Industry

It services

Company size

501 - 1,000 Employees

Headquarters location

Sterling, VA, US

Year founded

2010

Social media