1

Grc Risk Analyst Jobs in Michigan (NOW HIRING)

Lead Security Architect

Lansing, MI · On-site

$75 - $95/hr

This is not a Security Auditor or GRC-focused role. The ideal candidate must have recent experience ... Risk Analysis * Threat Modeling * Architecture Governance Application Security (AppSec) * Secure ...

Vice President of Cybersecurity

Detroit, MI · Hybrid

$148K - $186K/yr

Governance, Risk & Compliance (GRC) * Lead cybersecurity compliance efforts for government and ... Lead executive-level incident response, cyber crisis management, and post-incident analysis

Proactively identify, analyze, and test high-risk processes and controls, documenting test procedures, findings, and evidence meticulously within our Governance, Risk, and Compliance (GRC) system.

Demonstrate familiarity with Governance, Risk, and Compliance (GRC) software-preferably ServiceNow ... Strong analytical, research, and critical-thinking skills. * Excellent written and verbal ...

Develops and implements analytical reporting and key sales metrics in all aspects of the business ... Inform GRC Coordinator/GRC Owner aware of any risk greater than 50k Euro. * Travel locally ...

SOC Analyst * Threat hunting * Detection engineering * Network Security engineering * Experience in ... Governance, Risk, and Compliance (GRC) * Cloud and hosted applications * Containerization

Vice President of Cybersecurity

Detroit, MI · On-site

$155K - $194K/yr

... risk, posture, and resilience • Advise executive leadership and the board on cybersecurity ... analysis • Ensure cybersecurity is embedded across product, infrastructure, and program ...

Inform Governance, Risk & Compliance (GRC) Coordinator/GRC Owner of any risk greater than 50k Euro ... Leadership Skills, Problem solving techniques, Production Productivity (KAIZEN), Analytical skills ...

Auditor

Dearborn, MI

$99K - $166K/yr

Experience with GRC (Governance, Risk, and Compliance) systems and data analytics tools (e.g., ACL, Tableau, Power BI, SQL). * Demonstrated ability to work effectively both independently and as part ...

Contribute to maintain risk and control matrix (RCM), process documentation, and ongoing control ... Experience working with GRC tools and data analytics * Strong communication skills with the ability ...

next page

Showing results 1-20

Grc Risk Analyst information

What is the difference between Grc Risk Analyst vs Compliance Analyst?

AspectGrc Risk AnalystCompliance Analyst
CertificationsISO 31000, FRM, CRISCISO 19600, CCEP, CISA
Work EnvironmentRisk management teams, corporate officesRegulatory departments, corporate offices
Industry UsageFinance, banking, insurance, corporate riskFinancial services, healthcare, manufacturing
Job FocusIdentifying, assessing, and mitigating risks across enterpriseEnsuring compliance with laws and regulations

While both roles involve regulatory and risk considerations, a Grc Risk Analyst focuses on enterprise-wide risk management strategies, whereas a Compliance Analyst concentrates on adherence to specific laws and regulations. Both roles require similar certifications and often work in overlapping industries, but their core responsibilities differ in scope and focus.

What are GRC Risk Analysts?

GRC Risk Analysts are professionals who specialize in Governance, Risk, and Compliance (GRC) within an organization. They assess and manage risks related to business operations, ensure compliance with relevant laws and regulations, and help implement policies and controls to mitigate potential threats. These analysts work closely with management to identify vulnerabilities, develop risk management strategies, and monitor the effectiveness of compliance programs. Their goal is to protect the organization from financial, legal, and reputational harm while supporting business objectives.

What are the key skills and qualifications needed to thrive as a GRC Risk Analyst, and why are they important?

To thrive as a GRC (Governance, Risk, and Compliance) Risk Analyst, you need a solid understanding of risk management principles, regulatory requirements, and compliance frameworks, often supported by a degree in information security, business, or a related field. Familiarity with GRC platforms (such as RSA Archer or MetricStream), risk assessment methodologies, and certifications like CRISC or CISA is highly valuable. Strong analytical thinking, attention to detail, and effective communication skills help you identify risks and convey findings to stakeholders. These skills are critical for ensuring organizational compliance, minimizing risk exposure, and supporting informed decision-making.

What are some common challenges a GRC Risk Analyst might face when implementing new risk management frameworks within an organization?

A GRC Risk Analyst often encounters challenges such as resistance to change from stakeholders, integrating new frameworks with existing processes, and ensuring consistent understanding across departments. Aligning risk management practices with organizational goals while adhering to regulatory requirements can also be complex. Success in this role requires strong communication skills, adaptability, and the ability to educate and collaborate with team members from diverse backgrounds.
What job categories do people searching Grc Risk Analyst jobs in Michigan look for? The top searched job categories for Grc Risk Analyst jobs in Michigan are:
What cities in Michigan are hiring for Grc Risk Analyst jobs? Cities in Michigan with the most Grc Risk Analyst job openings:
Compliance- Product Cybersecurity, Ford Energy

Compliance- Product Cybersecurity, Ford Energy

Ford Motor Company

Dearborn, MI • Hybrid

$86K - $166K/yr

Full-time

Medical, Dental, Vision, Life, PTO

Posted 21 days ago


Job description

In this position... 
As the Product Cybersecurity Compliance Analyst, you will play a critical role in securing Ford Energy's grid-scale and commercial systems. You will implement, validate, and optimize cybersecurity compliance across our product ecosystems, ensuring that our cutting-edge hardware and software platforms remain resilient against evolving threats.
In this high-impact position, you will support immediate product security initiatives, ensuring both third-party components and internal software developments adhere to rigorous security standards. By leading supply chain risk management, secure development practices, and vulnerability remediation tracking, you will safeguard the infrastructure powering the next generation of the American grid.

You'll have...
Required:

  • Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Systems, Engineering, or a related technical field. 
  • 3-5 years of experience in Product Cybersecurity, IT Compliance, Cybersecurity Governance, Risk & Compliance (GRC), or Security Auditing. 
  • Proven experience evaluating third-party vendor risk, conducting supplier assessments, and analyzing Software Bills of Materials (SBOMs). 
  • Solid understanding of Secure Software Development Lifecycles (SSDLC), secure coding standards (e.g., OWASP, CERT), and DevSecOps integrations. 
  • Demonstrated knowledge of cybersecurity frameworks and standards such as ISO/SAE 21434, UNECE R155, ISO 27001, NIST CSF, or SOC 2. 
  • Experience using vulnerability tracking and management tools (e.g., Jira, ServiceNow, Kenna, or platform-specific GRC tools) to drive remediation lifecycles.

Even better, you may have...
Leadership Attributes:

  • Detail-oriented and analytical thinker capable of managing multiple compliance streams in a fast-paced, evolving regulatory environment.
  • Professional certifications such as CISA, CRISC, CISSP, CompTIA Security+, or CCSK are highly desirable.
  • Direct experience in the Automotive, EV, Renewable Energy, Aerospace, or regulated manufacturing industries.
  • Experience with automated SBOM analysis tools (e.g., Black Duck, Snyk, Dependency-Track).
  • Exceptional written and verbal communication skills, with the proven ability to translate complex technical vulnerabilities into clear compliance risk profiles for diverse stakeholders.

Location & Travel:

  • Location Dearborn, MI 
  • Travel Expectations: This role requires travel to customer sites and project locations as needed to support technical solutions and site assessments.

You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!
As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder...or all of the above? No matter what you choose, we offer a work life that works for you, including:

  • Immediate medical, dental, vision and prescription drug coverage
  • Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more
  • Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more
  • Vehicle discount program for employees and family members and management leases
  • Tuition assistance
  • Established and active employee resource groups
  • Paid time off for individual and team community service 
  • A generous schedule of paid holidays, including the week between Christmas and New Year's Day 
  • Paid time off and the option to purchase additional vacation time. 

This position is a salary grade 7 - 8 and ranges from $86,600-$166,200.

Final determination of salary grade will be based on candidate's skills and experience, and base salary will be set within the applicable range according to job scope, responsibility and competitive market value.
For more information on salary and benefits, click here: https://fordcareers.co/GSR

Visa sponsorship is not available for this position.

Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call 1-888-336-0660.

This position is hybrid. Candidates who are in commuting distance to a Ford hub location may be required to be onsite four or more days per week. 

Company: As Ford establishes a wholly owned subsidiary focused on Battery Energy Storage Systems, this role will initially be employed by Ford and is expected to transition to the subsidiary within one year.

#LI-KF2 

#FordEnergy

#LI-Hybrid

You'll have...
Required:

  • Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Systems, Engineering, or a related technical field. 
  • 3-5 years of experience in Product Cybersecurity, IT Compliance, Cybersecurity Governance, Risk & Compliance (GRC), or Security Auditing. 
  • Proven experience evaluating third-party vendor risk, conducting supplier assessments, and analyzing Software Bills of Materials (SBOMs). 
  • Solid understanding of Secure Software Development Lifecycles (SSDLC), secure coding standards (e.g., OWASP, CERT), and DevSecOps integrations. 
  • Demonstrated knowledge of cybersecurity frameworks and standards such as ISO/SAE 21434, UNECE R155, ISO 27001, NIST CSF, or SOC 2. 
  • Experience using vulnerability tracking and management tools (e.g., Jira, ServiceNow, Kenna, or platform-specific GRC tools) to drive remediation lifecycles.

Even better, you may have...
Leadership Attributes:

  • Detail-oriented and analytical thinker capable of managing multiple compliance streams in a fast-paced, evolving regulatory environment.
  • Professional certifications such as CISA, CRISC, CISSP, CompTIA Security+, or CCSK are highly desirable.
  • Direct experience in the Automotive, EV, Renewable Energy, Aerospace, or regulated manufacturing industries.
  • Experience with automated SBOM analysis tools (e.g., Black Duck, Snyk, Dependency-Track).
  • Exceptional written and verbal communication skills, with the proven ability to translate complex technical vulnerabilities into clear compliance risk profiles for diverse stakeholders.

Location & Travel:

  • Location Dearborn, MI 
  • Travel Expectations: This role requires travel to customer sites and project locations as needed to support technical solutions and site assessments.

You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!
As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder...or all of the above? No matter what you choose, we offer a work life that works for you, including:

  • Immediate medical, dental, vision and prescription drug coverage
  • Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more
  • Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more
  • Vehicle discount program for employees and family members and management leases
  • Tuition assistance
  • Established and active employee resource groups
  • Paid time off for individual and team community service 
  • A generous schedule of paid holidays, including the week between Christmas and New Year's Day 
  • Paid time off and the option to purchase additional vacation time. 

This position is a salary grade 7 - 8 and ranges from $86,600-$166,200.

Final determination of salary grade will be based on candidate's skills and experience, and base salary will be set within the applicable range according to job scope, responsibility and competitive market value.
For more information on salary and benefits, click here: https://fordcareers.co/GSR

Visa sponsorship is not available for this position.

Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call 1-888-336-0660.

This position is hybrid. Candidates who are in commuting distance to a Ford hub location may be required to be onsite four or more days per week. 

#LI-KF2 

#FordEnergy

#LI-Hybrid

What you'll do...

Key Responsibilities:

  • Supply Chain & Third-Party Governance: Conduct detailed cybersecurity risk assessments on third-party software, hardware, and cloud suppliers. Review Software Bills of Materials (SBOMs), vendor security postures, and supply chain risk profiles to ensure alignment with company security requirements. 
  • Secure Development Practices: Collaborate with product engineering teams to integrate secure software development lifecycle (SSDLC) practices. Promote threat modeling, secure code reviews, and automated security testing (SAST/DAST) across development pipelines. 
  • Security & Compliance Requirements: Interpret, define, and map product security and compliance requirements against global standards and regulations (e.g., UNECE WP.29 R155/R156, ISO/SAE 21434, ISO 27001, NIST SP 800-53).
  • Vulnerability Remediation & Tracking: Lead the end-to-end tracking, prioritization, and remediation of product and third-party vulnerabilities. Coordinate with engineering teams to monitor patch management lifecycles and report on compliance metrics.
  • Audit & Evidence Collection: Manage and maintain compliance documentation and evidence artifacts for internal audits and external regulatory submissions (e.g., vehicle type approvals and energy sector certifications). 
  • Operational Excellence: Establish and optimize compliance dashboards, KPIs, and reporting mechanisms to track product cybersecurity posture and compliance scores. 
  • Collaboration & Innovation: Partner closely with Purchasing, Legal, Product Engineering, and enterprise IT security teams to drive a unified risk management strategy. Apply automated tools and modern approaches to scale supply chain risk assessments and vulnerability tracking processes.

Ford logo

About Ford

Sourced by ZipRecruiter

At Ford Motor Company, we believe freedom of movement drives human progress. With our incredible plans for the future of mobility, we have a wide variety of opportunities for you to accelerate your career and help us define tomorrow's transportation.

Industry

Civil engineering construction

Company size

51 - 200 Employees

Headquarters location

Doral, FL, US

Year founded

1982