1

Grc Risk Analyst Jobs in Minnesota (NOW HIRING)

Maintains documentation and templates in the GRC toolset and makes recommendations for and implements tool and process improvements. * Collaborates with senior and lead risk analysts on activities ...

Maintains documentation and templates in the GRC toolset and makes recommendations for and implements tool and process improvements. * Collaborates with senior and lead risk analysts on activities ...

Maintains documentation and templates in the GRC toolset and makes recommendations for and implements tool and process improvements. * Collaborates with senior and lead risk analysts on activities ...

Job Title - Information Security Analyst Duration - 3 Months (with a possibility of an extension ... 27000, risk assessment methodologies, Shared Assessments, ITIL practices, and GRC Demonstrate ...

$100K - $150K/yr

The role involves conducting assessments, monitoring compliance efforts, managing risk, and ... Hands-on experience with compliance management tools and GRC platforms. * Proficiency in ...

next page

Showing results 1-20

Grc Risk Analyst information

What is the difference between Grc Risk Analyst vs Compliance Analyst?

AspectGrc Risk AnalystCompliance Analyst
CertificationsISO 31000, FRM, CRISCISO 19600, CCEP, CISA
Work EnvironmentRisk management teams, corporate officesRegulatory departments, corporate offices
Industry UsageFinance, banking, insurance, corporate riskFinancial services, healthcare, manufacturing
Job FocusIdentifying, assessing, and mitigating risks across enterpriseEnsuring compliance with laws and regulations

While both roles involve regulatory and risk considerations, a Grc Risk Analyst focuses on enterprise-wide risk management strategies, whereas a Compliance Analyst concentrates on adherence to specific laws and regulations. Both roles require similar certifications and often work in overlapping industries, but their core responsibilities differ in scope and focus.

What are GRC Risk Analysts?

GRC Risk Analysts are professionals who specialize in Governance, Risk, and Compliance (GRC) within an organization. They assess and manage risks related to business operations, ensure compliance with relevant laws and regulations, and help implement policies and controls to mitigate potential threats. These analysts work closely with management to identify vulnerabilities, develop risk management strategies, and monitor the effectiveness of compliance programs. Their goal is to protect the organization from financial, legal, and reputational harm while supporting business objectives.

What are the key skills and qualifications needed to thrive as a GRC Risk Analyst, and why are they important?

To thrive as a GRC (Governance, Risk, and Compliance) Risk Analyst, you need a solid understanding of risk management principles, regulatory requirements, and compliance frameworks, often supported by a degree in information security, business, or a related field. Familiarity with GRC platforms (such as RSA Archer or MetricStream), risk assessment methodologies, and certifications like CRISC or CISA is highly valuable. Strong analytical thinking, attention to detail, and effective communication skills help you identify risks and convey findings to stakeholders. These skills are critical for ensuring organizational compliance, minimizing risk exposure, and supporting informed decision-making.

What are some common challenges a GRC Risk Analyst might face when implementing new risk management frameworks within an organization?

A GRC Risk Analyst often encounters challenges such as resistance to change from stakeholders, integrating new frameworks with existing processes, and ensuring consistent understanding across departments. Aligning risk management practices with organizational goals while adhering to regulatory requirements can also be complex. Success in this role requires strong communication skills, adaptability, and the ability to educate and collaborate with team members from diverse backgrounds.
What job categories do people searching Grc Risk Analyst jobs in Minnesota look for? The top searched job categories for Grc Risk Analyst jobs in Minnesota are:
Security Risk Analyst

Security Risk Analyst

Xcel Energy

Minneapolis, MN

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 6 days ago


Xcel Energy rating

8.3

Company rating: 8.3 out of 10

Based on 89 frontline employees who took The Breakroom Quiz

20th of 52 rated energy and utility


Job description

Are you looking for an exciting job where you can put your skills and talents to work at a company you can feel proud to be a part of? Do you want a workplace that will challenge you and offer you opportunities to learn and grow? A position at Xcel Energy could be just what you're looking for.

Position Summary
Executes critical aspects of the Enterprise Security Risk Management function. Partners with the business to document and measure risk inherent to systems, assets, and information. Works with the security teams and collaborates with the business to assess IT risks. Tracks risk remediation items. Oversees the risk review process and reporting across the enterprise.
Essential Responsibilities

  • Oversees the risk acceptance process across the enterprise to ensure risks are documented and accepted at the correct levels of the organization. Validates remediation plans are in place to reduce risk where possible. Manages cycle to reassess accepted risks, obtain sign-off, and provide reporting.

  • Assists business partners with completing risk assessments and ensuring the correct documentation is captured to support the risk assessment process. Translates technical language into business terms to facilitate understanding of risk to the business.

  • Maintains documentation and templates in the GRC toolset and makes recommendations for and implements tool and process improvements.

  • Collaborates with senior and lead risk analysts on activities related to risk modeling, comprehensive periodic risk assessments, and regulatory reporting standards and expectations, and the development of communication and presentations for internal and external audiences.

  • Supports on the development of communications and presentations appropriate for senior level audiences and external regulators.

Minimum Requirements

  • Minimum of 3 years experience working in a security function. (One year of working in a highly regulated environment e.g. Utilities, Financial, may substitute for up to 18 months experience in a security function.)

  • 2 years of experience with risk assessments, audit or control testing.

  • Knowledge of security and lifecycle management, including auditing methodology or technology risk assessments.

  • Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives.

  • Ability to develop strong working relationships with peers and stakeholders across business units.

  • Experience working with information security policies, standards, industry best practices and/or frameworks (e.g., ISO 27K, NIST 800-53, FISMA, BITS, etc.)

  • Knowledge of IT Security tools and technologies used in an enterprise environment.

  • Preferred Requirements: Bachelor's degree or higher with a concentration in computer science, technology, or business, or equivalent combination of education and experience.

  • Security or Risk-related certifications (CRISC, CISSP, CISA, etc.)

Preferred Qualifications

  • Risk Assessment Experience:Experience conducting vendor and project-based security risk assessments, including identifying risks, evaluating impact/likelihood, and recommending appropriate controls and treatment strategies.

  • Security Frameworks & Controls:Working knowledge of security frameworks and standards (e.g., NIST, ISO 27001) and ability to apply control requirements within risk assessments and findings.

  • GRC Tooling:Familiarity with GRC platforms such as Archer and/or ProcessUnity for documenting assessments, tracking risks, and managing findings lifecycle.

  • Findings & Risk Management:Experience developing detailed findings, managing remediation tracking, and supporting risk acceptance and exception processes with minimal guidance.

  • Stakeholder Engagement:Ability to partner with business and technology teams to gather requirements, facilitate discussions, and support risk-based decision-making.

  • Communication & Documentation:Strong written communication skills with the ability to clearly document risk assessments, findings, and recommendations for both technical and business audiences.

  • Self-Starter & Adaptability:Demonstrated ability to work independently, manage ambiguity, and prioritize work across multiple assessments and initiatives.

  • Security & Risk Background:~5+ years of experience in cybersecurity, IT risk, GRC, audit, compliance, or security consulting.

As a leading combination electricity and natural gas energy company, Xcel Energy offers a comprehensive portfolio of energy-related products and services to 3.4 million electricity and 1.9 million natural gas customers across eight Western and Midwestern states. At Xcel Energy, we strive to be the preferred and trusted provider of the energy our customers need. If you're ready to be a part of something big, we invite you to join our team.

All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Individuals with a disability who need an accommodation to apply please contact us at recruiting@xcelenergy.com.

Non-BargainingThe anticipated starting base pay for this position is: $73,700.00 to $104,633.00 per yearThis position is eligible for the following benefits: Annual Incentive Program, Medical/Pharmacy Plan, Dental, Vision, Life Insurance, Dependent Care Reimbursement Account, Health Care Reimbursement Account, Health Savings Account (HSA) (if enrolled in eligible health plan), Limited-Purpose FSA (if enrolled in eligible health plan and HSA), Transportation Reimbursement Account, Short-term disability (STD), Long-term disability (LTD), Employee Assistance Program (EAP), Fitness Center Reimbursement (if enrolled in eligible health plan), Tuition reimbursement, Transit programs, Employee recognition program, Pension, 401(k) plan, Paid time off (PTO), Holidays, Volunteer Paid Time Off (VPTO), Parental Leave

Benefit plans are subject to change and Xcel Energy has the right to end, suspend, or amend any of its plans, at any time, in whole or in part.

In any materials you submit, you may redact or remove age-identifying information including but not limited to dates of school attendance and graduation. You will not be penalized for redacting or removing this information.

Deadline to Apply: 07/21/26

EEO is the Law |EEO is the Law Supplement | Pay Transparency Nondiscrimination | Equal Opportunity Policy (PDF) | Employee Rights (PDF)

All Xcel Energy employees and contractors share responsibility for protecting the company's information and systems by adhering to cybersecurity policies, standards, and best practices, recognizing that cybersecurity is everyone's responsibility.

ACCESSIBILITY STATEMENT

Xcel Energy endeavors to make https://www.xcelenergy.com/ accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact Xcel Energy Talent Acquisition at recruiting@xcelenergy.com. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.


What Xcel Energy employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Xcel Energy logo

About Xcel Energy

Sourced by ZipRecruiter

Xcel Energy is a prominent electricity and natural gas service provider serving multiple states in the United States, including Colorado, Michigan, Minnesota, New Mexico, North Dakota, South Dakota, Texas, and Wisconsin. Our commitment revolves around delivering essential services to our valued customers. As a trailblazer in the industry, we were the first major US electricity provider with a visionary goal to achieve 100% carbon-free electricity by 2050 and an ambitious 80% reduction in carbon emissions by 2030, based on 2005 levels. Through innovative electric vehicle initiatives, we actively contribute to carbon reduction not only in our electricity generation but also in the transportation sector within the states we operate. Simultaneously, we remain devoted to ensuring cost-effectiveness for our customers by implementing advanced electricity rates and energy efficiency programs.

Industry

Utilities

Company size

10,000+ Employees

Headquarters location

Minneapolis, MN, US

Year founded

1909