1

Governance Risk Compliance Manager Jobs in Decatur, GA

... risk assessment and mitigation. Policy, Documentation & Governance - Develop, maintain, and govern ... Compliance Planning, Audits & Risk Management - Maintain a comprehensive calendar of HR compliance ...

GRC, SOX Project Lead

Atlanta, GA · On-site

$90K - $118K/yr

... IT Controls, Risk Management, Governance, and Compliance to provide independent oversight of SOX control design, operating effectiveness, audit readiness, and remediation activities. The ideal ...

In this role, you will bridge Information Security Governance, Risk & Compliance (GRC)and IT Service Management (ITSM) disciplines to strengthen our global IT operations and compliance posture. You ...

In this role, you will bridge Information Security Governance, Risk & Compliance (GRC)and IT Service Management (ITSM) disciplines to strengthen our global IT operations and compliance posture. Youll ...

next page

Showing results 1-20

Governance Risk Compliance Manager information

See Decatur, GA salary details

$37.6K

$92.9K

$153.3K

How much do governance risk compliance manager jobs pay per year?

As of Jul 15, 2026, the average yearly pay for governance risk compliance manager in Decatur, GA is $92,852.00, according to ZipRecruiter salary data. Most workers in this role earn between $68,300.00 and $113,700.00 per year, depending on experience, location, and employer.

How does a Governance Risk Compliance (GRC) Manager typically collaborate with other departments to ensure effective risk management?

A GRC Manager works closely with various departments such as IT, legal, finance, and operations to identify, assess, and mitigate risks across the organization. This often involves facilitating cross-departmental meetings, guiding teams through compliance requirements, and ensuring that controls are implemented effectively. Strong communication and project management skills are essential, as GRC Managers must translate complex regulatory requirements into actionable steps for different teams. This collaborative approach helps ensure that risk management strategies are integrated into daily business processes and that compliance goals are met organization-wide.

What is the salary of governance risk compliance?

The salary for a Governance, Risk, and Compliance (GRC) Manager typically ranges from $80,000 to $150,000 annually, depending on experience, location, and industry. Professionals with certifications like CRISC or CISA and strong knowledge of regulatory frameworks may earn higher salaries.

Is governance risk and compliance a good career?

Governance, Risk, and Compliance (GRC) management is a growing field that involves developing policies, managing regulatory requirements, and ensuring organizational integrity. It often requires certifications like CISA or CRISC and skills in risk assessment, policy development, and compliance frameworks. The role offers stability and opportunities across various industries, making it a viable career choice for those interested in organizational governance and risk management.

What does a governance and risk manager do?

A governance and risk manager oversees an organization’s compliance with laws, regulations, and internal policies, identifying and mitigating potential risks. They develop frameworks, conduct audits, and implement controls to ensure operational integrity and reduce vulnerabilities, often using tools like risk assessment software and requiring certifications such as CRISC or ISO standards.

What is the difference between Governance Risk Compliance Manager vs Compliance Analyst?

AspectGovernance Risk Compliance ManagerCompliance Analyst
CertificationsISO 31000, CRISC, CISACCA, CCEP, or similar
Work EnvironmentStrategic, managerial, policy-focusedOperational, detail-oriented, audit-focused
Employer & Industry UsageFinancial, healthcare, corporate sectorsRegulatory agencies, corporations, consulting firms
Search & Comparison IntentUnderstanding managerial roles in governance and riskDetailing compliance procedures and analysis

The Governance Risk Compliance Manager oversees organizational policies, risk management strategies, and compliance frameworks at a strategic level. In contrast, the Compliance Analyst focuses on implementing and monitoring compliance procedures, conducting audits, and ensuring adherence to regulations. Both roles require relevant certifications and are vital in maintaining organizational integrity, but they differ in scope and responsibilities.

What does a Governance Risk Compliance (GRC) Manager do?

A Governance Risk Compliance (GRC) Manager is responsible for developing, implementing, and overseeing policies and procedures to ensure that an organization complies with regulatory requirements and manages risks effectively. They work closely with various departments to identify potential risks, ensure proper governance frameworks are in place, and monitor compliance with relevant laws and standards. GRC Managers play a key role in maintaining ethical practices, preventing legal issues, and helping organizations achieve their business objectives securely and efficiently.

What are the key skills and qualifications needed to thrive as a Governance Risk Compliance Manager, and why are they important?

To thrive as a Governance Risk Compliance Manager, you need expertise in risk assessment, regulatory frameworks, and compliance management, typically supported by a degree in business, law, or a related field. Familiarity with GRC platforms (like RSA Archer or MetricStream), internal audit tools, and relevant certifications such as CISA, CISM, or CRISC is common. Strong analytical thinking, attention to detail, and effective communication help manage complex regulations and drive organizational compliance culture. These skills ensure the organization can proactively identify risks, comply with legal requirements, and maintain operational integrity.

Is GRC an entry level job?

Governance, Risk, and Compliance (GRC) roles are typically not entry-level positions; they usually require several years of experience in compliance, risk management, or related fields. Entry-level roles in GRC may focus on supporting functions, while managerial positions often demand a strong understanding of regulations, policies, and relevant tools like GRC software. Certifications such as CISA or CRISC can also be beneficial for advancement.
What are the most commonly searched types of Governance Risk Compliance jobs in Decatur, GA? The most popular types of Governance Risk Compliance jobs in Decatur, GA are:
What job categories do people searching Governance Risk Compliance Manager jobs in Decatur, GA look for? The top searched job categories for Governance Risk Compliance Manager jobs in Decatur, GA are:
What cities near Decatur, GA are hiring for Governance Risk Compliance Manager jobs? Cities near Decatur, GA with the most Governance Risk Compliance Manager job openings:
Senior Associate, Cybersecurity Advisory & Risk Management

Senior Associate, Cybersecurity Advisory & Risk Management

Meditology Services LLC

Atlanta, GA • On-site

$95K - $110K/yr

Full-time

Re-posted 2 days ago


Job description

Description:

Job Title: Senior Associate, Cybersecurity Advisory & Risk Management

Department: ITRM

Employment Status: Full Time

Effective Date: 6/12/2026


About Us

Meditology Services is a leading healthcare-focused cybersecurity, privacy, compliance, and information risk management consulting firm. We help healthcare organizations manage risk, strengthen security programs, achieve compliance objectives, and improve cybersecurity maturity through practical, business-focused advisory services.

Our consultants work alongside healthcare executives, information security leaders, compliance teams, and operational stakeholders to solve complex cybersecurity and risk management challenges. We pride ourselves on delivering actionable recommendations, building trusted relationships, and helping our clients improve their security posture in meaningful ways.


Why Meditology

At Meditology, consultants are more than assessors—they are trusted advisors. You'll have the opportunity to work directly with healthcare executives, lead meaningful client engagements, develop expertise across cybersecurity and risk management disciplines, and help shape the future of healthcare cybersecurity.

This role provides a clear path toward advancement into Manager, Engagement Manager, and Advisory Leadership positions while working alongside some of the industry's leading healthcare cybersecurity professionals.

If you're looking for a role that combines cybersecurity expertise, client interaction, strategic thinking, presentation skills, and professional growth, we'd love to hear from you.


Position Description:

Meditology is seeking a Senior Associate to join our Information Technology Risk Management (ITRM) Advisory practice. This role is ideal for a cybersecurity professional who enjoys working directly with clients, leading assessments, facilitating discussions, and helping organizations address complex cybersecurity, governance, risk, and compliance challenges.

Unlike traditional audit-focused roles, this position combines assessment execution, strategic advisory services, client relationship development, presentation delivery, and thought leadership. The ideal candidate is someone who wants to develop into a trusted advisor capable of leading client engagements, influencing executive decision-making, and helping organizations mature their cybersecurity programs.

This is a highly visible, client-facing consulting role with significant opportunities for growth and advancement.


Responsibilities include:


Lead Client Engagements


Serve as a key contributor and day-to-day lead on client engagements.


· Leading client interviews, workshops, and discovery sessions

· Facilitating discussions with executives, operational leaders, and technical teams

· Managing engagement activities, timelines, and deliverables

· Building trusted client relationships

· Identifying client risks, challenges, and opportunities

· Providing practical recommendations that align cybersecurity priorities with business objectives

· Supporting executive briefings and strategic discussions

· Leading portions of client engagements independently while partnering with Managers and Service Line Leaders on larger initiatives


The successful candidate will be comfortable interacting with clients and serving as a trusted advisor throughout the engagement lifecycle.


Perform Cybersecurity & Risk Assessments


Lead and support a variety of cybersecurity, risk management, and compliance engagements.


· Conducting NIST Cybersecurity Framework (CSF) 2.0 assessments

· Leading HIPAA Security Risk Assessments (SRAs)

· Performing cybersecurity maturity assessments

· Evaluating governance, risk, and compliance programs

· Conducting AI governance and AI risk assessments

· Assessing third-party risk management programs

· Identifying cybersecurity risks, control gaps, and improvement opportunities

· Developing risk registers, remediation roadmaps, and strategic recommendations

· Facilitating stakeholder interviews and workshops

· Presenting assessment results and recommendations to executive leadership


The Senior Associate should be capable of independently leading small-to-medium assessments while serving as a trusted advisor throughout the engagement lifecycle.


Perform HITRUST Readiness & Certification Assessments


Lead and support HITRUST-related engagements for healthcare and healthcare-adjacent organizations seeking to strengthen their security and compliance programs.


· Performing HITRUST e1, i1, and r2 readiness assessments

· Supporting validated HITRUST certification assessments

· Conducting control maturity and gap analyses

· Reviewing policies, procedures, and supporting evidence

· Developing remediation plans to address identified gaps

· Advising clients on HITRUST implementation strategies and certification readiness

· Supporting ongoing compliance and program maturity initiatives

· Presenting readiness and assessment results to client stakeholders


The ideal candidate understands how HITRUST aligns with broader cybersecurity, risk management, and compliance objectives and can communicate requirements in a practical, business-focused manner.


Support SOC 2 Readiness & Attestation Engagements


Support clients seeking to establish and demonstrate effective security and compliance controls through SOC reporting initiatives.


· Supporting SOC 2 readiness assessments

· Evaluating controls against the Trust Services Criteria

· Assisting clients with remediation planning and control implementation

· Reviewing policies, procedures, and evidence artifacts

· Supporting SOC 2 Type I and Type II attestation preparation activities

· Helping clients operationalize governance and compliance processes to support ongoing attestation requirements


Experience supporting SOC 2 Type II attestation engagements is highly desirable.


Develop Executive-Level Deliverables


Create high-quality deliverables that clearly communicate risks, recommendations, and business impact.


· Cybersecurity assessment reports

· Executive summaries

· Risk registers

· Remediation roadmaps

· Strategic recommendations

· Maturity assessment reports

· Presentation decks and workshop materials

· Board and executive-level communications


Candidates must be able to translate complex technical findings into language that resonates with executives, boards, and business leaders.


Presentation & Facilitation


Strong communication and presentation skills are critical to success in this role.


· Leading client interviews and workshops

· Facilitating cybersecurity and risk discussions

· Presenting findings and recommendations to leadership teams

· Delivering assessment readouts and remediation planning sessions

· Supporting executive and board-level presentations

· Developing professional PowerPoint presentations and client-facing materials


The ideal candidate enjoys presenting, facilitating discussions, and helping clients understand cybersecurity risks in a practical and business-focused manner.


Advisory & Strategy Services


Support clients in developing and improving cybersecurity and risk management programs.


Examples include:

· Cybersecurity strategy development

· Governance program assessments

· Security program benchmarking

· Risk management program development

· AI governance and oversight initiatives

· Cybersecurity roadmap creation

· Remediation planning and prioritization

· Third-party risk management strategy

· Security operating model development

· Policy and governance program development


This role requires the ability to move beyond compliance requirements and provide meaningful business-focused guidance.


Contribute to Practice Growth & Thought Leadership


As a consulting organization, we value professionals who contribute to the growth of both our clients and our firm.


· Participating in strategic account discussions

· Identifying opportunities to deliver additional value to clients

· Contributing to white papers, blog posts, and thought leadership initiatives

· Supporting webinars, conference presentations, and educational content

· Researching emerging cybersecurity, healthcare, and AI-related trends

· Sharing knowledge and mentoring junior team members

Requirements:

Qualifications:

  • 4–7 years of experience in cybersecurity, information security, IT risk, compliance, consulting, or audit
  • Experience conducting cybersecurity, compliance, or risk assessments
  • Experience leading client interviews
  • Experience developing professional reports and presentations
  • Experience presenting findings and recommendations to clients
  • Experience managing portions of client engagements independently
  • Consulting experience preferred

Technical Knowledge:


Experience with one or more of the following:

  • NIST Cybersecurity Framework (CSF) 2.0
  • HIPAA Security Rule
  • HITRUST (e1, i1, and r2)
  • SOC 2 Type I and Type II
  • NIST SP 800-53
  • CIS Critical Security Controls
  • Third-Party Risk Management
  • AI Governance and Risk Management
  • HIPAA Privacy Rule knowledge a plus

Professional Skills:


Successful candidates demonstrate:

  • Strong consulting and advisory mindset
  • Excellent written and verbal communication skills
  • Strong presentation and facilitation abilities
  • Executive presence and client-facing confidence
  • Strong analytical and critical thinking skills
  • Ability to connect cybersecurity risks to business outcomes
  • Ability to manage multiple priorities and engagements
  • Strong attention to detail and organizational skills
  • Intellectual curiosity and desire for continuous learning
  • Ability to develop trusted relationships with clients and colleagues

Preferred Certifications:


One or more of the following certifications is a plus:

  • CISSP
  • CISM
  • CISA
  • HCISPP
  • CRISC
  • HITRUST CCSFP
  • Security+

Candidates actively pursuing certifications are encouraged to apply.