1

Grc Professional Jobs (NOW HIRING)

GRC Developer We are seeking a skilled GRC Developer with expertise in Archer GRC platforms to join ... Professional (CDMP) or a Business Intelligence designation * Knowledge of data modeling and ...

GRC Manager

Dallas, TX · Remote

$116K - $119K/yr

As our GRC Manager, youll be delivering GRC, ERM, Audit Management and Advanced ERP Controls Management Professional Services as required by SafePaaSs client. Successfully complete key project mile ...

GRC Manager

Dallas, TX

$112K - $115K/yr

As our GRC Manager, you'll be delivering GRC, ERM, Audit Management and Advanced ERP Controls Management Professional Services as required by SafePaaS's client. Successfully complete key project mile ...

We are hiring a GRC Engineer to help modernize how Governance, Risk, and Compliance (GRC) operates ... Professional experience with an architectural understanding of network security and application ...

GRC Manager

Dallas, TX · On-site

$112K - $115K/yr

As our GRC Manager, you'll be delivering GRC, ERM, Audit Management and Advanced ERP Controls Management Professional Services as required by SafePaaS's client. Successfully complete key project mile ...

Oracle GRC Consultant

Tulsa, OK

$58 - $73/hr

We are a GLOBAL NETWORK of proven industry professionals demonstrating the fastest fulfillment rate of high tech professionals for Fortune 500 Companies. GRC = Governance, Risk, & Compliance Advanced ...

We are hiring a GRC Engineer to help modernize how Governance, Risk, and Compliance (GRC) operates ... Professional experience with an architectural understanding of network security and application ...

We are hiring a GRC Engineer to help modernize how Governance, Risk, and Compliance (GRC) operates ... Professional experience with an architectural understanding of network security and application ...

next page

Showing results 1-20

Grc Professional information

See salary details

$11

$21

$32

How much do grc professional jobs pay per hour?

As of Jul 4, 2026, the average hourly pay for grc professional in the United States is $21.32, according to ZipRecruiter salary data. Most workers in this role earn between $17.55 and $23.08 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a GRC (Governance, Risk, and Compliance) Professional, and why are they important?

To thrive as a GRC Professional, you need a solid understanding of regulatory frameworks, risk management principles, and compliance requirements, often supported by a degree in business, law, or information security. Familiarity with GRC platforms like RSA Archer, MetricStream, or ServiceNow GRC, and certifications such as CISA, CRISC, or CISSP, are commonly expected. Attention to detail, strong analytical thinking, and effective communication are crucial soft skills for interpreting regulations and advising stakeholders. These skills ensure organizations effectively manage risks, maintain compliance, and build a resilient, ethical business environment.

Is GRC a good career?

A GRC (Governance, Risk, and Compliance) professional plays a key role in managing organizational policies, risk assessments, and regulatory compliance. The field offers strong job growth, competitive salaries, and opportunities to work in various industries, often requiring knowledge of frameworks like ISO, NIST, or COBIT. It is suitable for individuals with skills in cybersecurity, audit, or legal compliance seeking a stable and evolving career path.

What is the difference between Grc Professional vs Compliance Analyst?

AspectGrc ProfessionalCompliance Analyst
CertificationsISO 31000, COSO, CISAISO 37001, CCEP, CISA
Work EnvironmentRisk management, governance, compliance teamsRegulatory compliance, audit, and policy enforcement
Industry UsageFinance, healthcare, technologyFinance, healthcare, manufacturing

Grc Professionals focus on overall governance, risk, and compliance strategies, often working across multiple domains. Compliance Analysts primarily concentrate on ensuring adherence to specific regulations and policies. While both roles require similar certifications and work in related environments, Grc Professionals have a broader scope, whereas Compliance Analysts specialize in regulatory compliance tasks.

What is a GRC professional?

A GRC professional specializes in Governance, Risk Management, and Compliance, helping organizations develop policies, manage risks, and ensure regulatory adherence. They often work with frameworks like ISO, COBIT, or NIST and may hold certifications such as CISA or CRISC. Their role involves assessing vulnerabilities, implementing controls, and supporting audit processes.

What jobs in the US pay 300,000 a year?

GRC (Governance, Risk, and Compliance) professionals can earn $300,000 or more annually at senior levels, especially with extensive experience, certifications like CISA or CISSP, and leadership roles in large organizations. High-paying positions often involve strategic oversight, cybersecurity, or executive management within compliance and risk management departments.

What are some common challenges GRC Professionals face when implementing new compliance frameworks within an organization?

GRC Professionals often encounter challenges such as resistance to change from employees, integrating new compliance frameworks with existing processes, and ensuring that all departments understand and adhere to updated policies. Navigating complex regulatory requirements and translating them into practical, actionable steps for the business can also be demanding. Successful GRC Professionals typically address these challenges through clear communication, cross-functional collaboration, and ongoing education to foster a culture of compliance.

What are the careers in GRC?

Careers in GRC (Governance, Risk, and Compliance) include roles such as GRC analyst, compliance officer, risk manager, and audit professional. These roles involve developing policies, managing regulatory requirements, assessing risks, and implementing controls, often requiring knowledge of frameworks like ISO, COBIT, or NIST, and certifications such as CISA or CRISC.

What are GRC professionals?

GRC professionals are experts who manage Governance, Risk, and Compliance within an organization. They help companies develop and enforce policies, assess and mitigate risks, and ensure compliance with relevant laws and regulations. Their work is crucial for maintaining ethical standards, avoiding legal penalties, and supporting business objectives. GRC professionals often collaborate with departments across the organization to create integrated frameworks that promote accountability and transparency.
More about Grc Professional jobs
What cities are hiring for Grc Professional jobs? Cities with the most Grc Professional job openings:
What are the most commonly searched types of Grc jobs? The most popular types of Grc jobs are:
What states have the most Grc Professional jobs? States with the most job openings for Grc Professional jobs include:
What job categories do people searching Grc Professional jobs look for? The top searched job categories for Grc Professional jobs are:
Cyber - SAP Security and GRC Access & Process Control Manager

Cyber - SAP Security and GRC Access & Process Control Manager

Deloitte

Cincinnati, OH

Other

Posted 5 days ago


Deloitte rating

8.0

Company rating: 8.0 out of 10

Based on 89 frontline employees who took The Breakroom Quiz

71st of 146 rated financial services


Job description

SAP Security and GRC Manager / Engineering Manager II

Our Deloitte Cyber team helps organizations address cybersecurity challenges across complex technology environments. Join the team to deliver solutions that help clients navigate evolving threats, strengthen resilience, and support secure business transformation. In this role, you will help organizations manage SAP security and governance, risk, and compliance requirements across implementation and transformation programs.

Recruiting for this role ends on 12/31/2026.

Work you'll do

As an Engineering Manager II on the Enterprise Security team, you will be responsible for supporting SAP security and GRC implementations, assessments, and transformation initiatives across client environments.

  • Lead SAP ECC and SAP S/4HANA security assessments, design, and implementation activities across complex business and technology environments
  • Design, build, test, and deploy end-user and IT support security roles across SAP platforms, including Fiori, Ariba, Integrated Business Planning, Business Technology Platform, and Business Data Cloud
  • Configure and implement SAP GRC Access Control capabilities, including Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management
  • Support SAP GRC Process Control design and configuration, including controls, risks, subprocesses, organizations, assignments, and continuous control monitoring capabilities
  • Manage project workstreams, client stakeholders, and delivery teams while providing recommendations on SAP security role design, segregation of duties, vulnerability findings, and regulatory control requirements

A successful candidate would possess these skills:

  • Ability to work independently and collaborate as part of a team
  • Effective written and verbal communication skills
  • Meticulous attention to detail and quality of work product
  • Ability to build and sustain professional relationships
  • Ability to lead projects or workstreams
  • Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
  • Strong interpersonal skills and professional demeanor
  • Ability to meet deadlines
  • Ability to mentor and provide clear guidance to others

The team

Deloitte's Enterprise Security Offering helps clients embed security across digital transformation initiatives by securing core technology environments while enabling business change. The team supports work spanning security architecture, secure development and deployment, cyber cloud capabilities, application security, and security for emerging technologies and connected products.

Qualifications

Required:

  • Bachelor's degree
  • 8+ years of experience with SAP S/4HANA security and SAP Governance, Risk, and Compliance (GRC) Access Control
  • 8+ years of hands-on experience implementing security for SAP S/4HANA, Fiori, Ariba, Integrated Business Planning (IBP), Business Technology Platform (BTP), and Business Data Cloud (BDC), including requirement gathering, security design, and deployment
  • Demonstrated delivery of 3+ full-cycle SAP GRC Access Control implementation projects, SAP S/4HANA security implementations, and 2+ SAP GRC Process Control implementations
  • 5+ years of experience designing, configuring, and implementing SAP GRC Access Risk Analysis (ARA), Access Request Management (ARM), Emergency Access Management (EAM), and Business Role Management (BRM)
  • Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve.
  • Limited immigration sponsorship may be available.

Preferred:

  • Previous consulting experience
  • Professional certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA)
  • Experience with SAP identity and access governance
  • Experience with cloud security and cloud migrations
  • Experience with SAP business process controls and data protection tools such as NextLabs
  • Experience with vulnerability management tools such as Onapsis

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $134,500 to $265,100.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Qualifications:

SAP Security and GRC Manager / Engineering Manager II

Our Deloitte Cyber team helps organizations address cybersecurity challenges across complex technology environments. Join the team to deliver solutions that help clients navigate evolving threats, strengthen resilience, and support secure business transformation. In this role, you will help organizations manage SAP security and governance, risk, and compliance requirements across implementation and transformation programs.

Recruiting for this role ends on 12/31/2026.

Work you'll do

As an Engineering Manager II on the Enterprise Security team, you will be responsible for supporting SAP security and GRC implementations, assessments, and transformation initiatives across client environments.

  • Lead SAP ECC and SAP S/4HANA security assessments, design, and implementation activities across complex business and technology environments
  • Design, build, test, and deploy end-user and IT support security roles across SAP platforms, including Fiori, Ariba, Integrated Business Planning, Business Technology Platform, and Business Data Cloud
  • Configure and implement SAP GRC Access Control capabilities, including Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management
  • Support SAP GRC Process Control design and configuration, including controls, risks, subprocesses, organizations, assignments, and continuous control monitoring capabilities
  • Manage project workstreams, client stakeholders, and delivery teams while providing recommendations on SAP security role design, segregation of duties, vulnerability findings, and regulatory control requirements

A successful candidate would possess these skills:

  • Ability to work independently and collaborate as part of a team
  • Effective written and verbal communication skills
  • Meticulous attention to detail and quality of work product
  • Ability to build and sustain professional relationships
  • Ability to lead projects or workstreams
  • Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
  • Strong interpersonal skills and professional demeanor
  • Ability to meet deadlines
  • Ability to mentor and provide clear guidance to others

The team

Deloitte's Enterprise Security Offering helps clients embed security across digital transformation initiatives by securing core technology environments while enabling business change. The team supports work spanning security architecture, secure development and deployment, cyber cloud capabilities, application security, and security for emerging technologies and connected products.

Qualifications

Required:

  • Bachelor's degree
  • 8+ years of experience with SAP S/4HANA security and SAP Governance, Risk, and Compliance (GRC) Access Control
  • 8+ years of hands-on experience implementing security for SAP S/4HANA, Fiori, Ariba, Integrated Business Planning (IBP), Business Technology Platform (BTP), and Business Data Cloud (BDC), including requirement gathering, security design, and deployment
  • Demonstrated delivery of 3+ full-cycle SAP GRC Access Control implementation projects, SAP S/4HANA security implementations, and 2+ SAP GRC Process Control implementations
  • 5+ years of experience designing, configuring, and implementing SAP GRC Access Risk Analysis (ARA), Access Request Management (ARM), Emergency Access Management (EAM), and Business Role Management (BRM)
  • Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve.
  • Limited immigration sponsorship may be available.

Preferred:

  • Previous consulting experience
  • Professional certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA)
  • Experience with SAP identity and access governance
  • Experience with cloud security and cloud migrations
  • Experience with SAP business process controls and data protection tools such as NextLabs
  • Experience with vulnerability management tools such as Onapsis

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $134,500 to $265,100.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Education:Bachelor's DegreeEmployment Type:

What Deloitte employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom