1

Grc Risk Analyst Jobs in Minnesota (NOW HIRING)

Job Title - Information Security Analyst Duration - 3 Months (with a possibility of an extension ... 27000, risk assessment methodologies, Shared Assessments, ITIL practices, and GRC Demonstrate ...

ServiceNow IRM

Minneapolis, MN · On-site

$60K - $135K/yr

... Risk & Compliance. * ServiceNow GRC Implementation or development experience is a must have ... Excellent analytical and Strong problem-solving skills * Excellent teamwork and team building ...

... Governance, Risk and Compliance (GRC) space of Client cyber security team as part of the ... Experience analyzing business requirements and translate them into technical solutions. * Ideal ...

Perform analysis of emerging technologies and design and build architectures and solutions to ... Experience with implementation and operational use of GRC toolsets (Governance Risk and Compliance)

... Discovery, Governance, Risk & Compliance. • ServiceNow GRC Implementation or development ... analytical and Strong problem-solving skills • Excellent teamwork and team building skills. • ...

next page

Showing results 1-20

Grc Risk Analyst information

What is the difference between Grc Risk Analyst vs Compliance Analyst?

AspectGrc Risk AnalystCompliance Analyst
CertificationsISO 31000, FRM, CRISCISO 19600, CCEP, CISA
Work EnvironmentRisk management teams, corporate officesRegulatory departments, corporate offices
Industry UsageFinance, banking, insurance, corporate riskFinancial services, healthcare, manufacturing
Job FocusIdentifying, assessing, and mitigating risks across enterpriseEnsuring compliance with laws and regulations

While both roles involve regulatory and risk considerations, a Grc Risk Analyst focuses on enterprise-wide risk management strategies, whereas a Compliance Analyst concentrates on adherence to specific laws and regulations. Both roles require similar certifications and often work in overlapping industries, but their core responsibilities differ in scope and focus.

What are GRC Risk Analysts?

GRC Risk Analysts are professionals who specialize in Governance, Risk, and Compliance (GRC) within an organization. They assess and manage risks related to business operations, ensure compliance with relevant laws and regulations, and help implement policies and controls to mitigate potential threats. These analysts work closely with management to identify vulnerabilities, develop risk management strategies, and monitor the effectiveness of compliance programs. Their goal is to protect the organization from financial, legal, and reputational harm while supporting business objectives.

What are the key skills and qualifications needed to thrive as a GRC Risk Analyst, and why are they important?

To thrive as a GRC (Governance, Risk, and Compliance) Risk Analyst, you need a solid understanding of risk management principles, regulatory requirements, and compliance frameworks, often supported by a degree in information security, business, or a related field. Familiarity with GRC platforms (such as RSA Archer or MetricStream), risk assessment methodologies, and certifications like CRISC or CISA is highly valuable. Strong analytical thinking, attention to detail, and effective communication skills help you identify risks and convey findings to stakeholders. These skills are critical for ensuring organizational compliance, minimizing risk exposure, and supporting informed decision-making.

What are some common challenges a GRC Risk Analyst might face when implementing new risk management frameworks within an organization?

A GRC Risk Analyst often encounters challenges such as resistance to change from stakeholders, integrating new frameworks with existing processes, and ensuring consistent understanding across departments. Aligning risk management practices with organizational goals while adhering to regulatory requirements can also be complex. Success in this role requires strong communication skills, adaptability, and the ability to educate and collaborate with team members from diverse backgrounds.
What job categories do people searching Grc Risk Analyst jobs in Minnesota look for? The top searched job categories for Grc Risk Analyst jobs in Minnesota are:
Sr. Security Compliance Analyst -PCI DSS & U.S. Fed

Sr. Security Compliance Analyst -PCI DSS & U.S. Fed

Entrust Corp.

Shakopee, MN • On-site, Remote

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 7 days ago


Job description

Join us at Entrust
At Entrust, we're shaping the future of identity centric security solutions. From our comprehensive portfolio of solutions to our flexible, global workplace, we empower careers, foster collaboration, and build solutions that help keep the world moving safely.
Get to Know Us
Headquartered in Minnesota, Entrust is an industry leader in identity-centric security solutions, serving over 150 countries with cutting-edge, scalable technologies. But our secret weapon? Our people. It's the curiosity, dedication, and innovation that drive our success and help us anticipate the future.
Position Overview:
Entrust is seeking a highly skilled Senior Security Compliance Analyst to lead and sustain compliance for multiple compliance programs including PCI DSS and U.S. Federal. This role is responsible for designing and executing continuous compliance monitoring activities, identifying gaps and leading associated remediation efforts, planning and leading third-party audits, and measuring control effectiveness across cloud-based, on-prem and hybrid environments. The ideal candidate brings deep PCI DSS expertise, strong knowledge of the Risk Management Framework, FedRAMP and NIST 800-53 frameworks, and modern GRC experience that enables scalable, automated, and evidence-driven compliance operations.
This position partners closely with Security, Engineering, Product, and third-party providers to ensure controls are designed effectively, operating consistently, and aligned to business, statutory and regulatory expectations.
How You Will Make an Impact:
Lead and support end-to-end compliance efforts across multiple environments, including readiness assessments, audits, and continuous monitoring activities to ensure sustained security posture and audit readiness. Responsibilities include, but are not limited to:
  • Leading PCI DSS compliance-related activities and certification;
  • Supporting U.S. Federal readiness efforts, including gap assessments against NIST SP 800-53 and tracking remediation activities (POA&M);
  • Maintaining required evidence artifacts and ensuring traceability of evidence;
  • Interpreting and operationalizing compliance requirements into actionable control activities for engineering and operations;
  • Serving as SME for PCI DSS and NIST 800-53 compliance, advising internal teams and customers;
  • Supporting development of FedRAMP artifacts (e.g., SSP, control narratives, shared responsibility matrices);
  • Partnering with control owners to ensure controls meet PCI DSS and NIST 800-53 requirements;
  • Supporting external audits by preparing evidence, responding to auditor requests, coordinating audit activities, and tracking remediation;
  • Driving coordination with third parties (e.g., service providers, hosting partners) to ensure shared control alignment;
  • Ensuring audit readiness through continuous proactive gap assessments and control testing throughout the year;
  • Identifying, assessing, and communicating compliance and security risks to stakeholders;
  • Identifying, tracking, and driving closure of audit findings and control deficiencies; and
  • Contributing to the development and maintenance of security policies, standards, and procedures.

Basic Qualifications:
  • 5+ years in security compliance, audit, or GRC with a strong understanding of administrative, technical, and physical controls, including how they support one another
  • Hands-on technical and audit experience with PCI DSS and NIST 800-53 compliance
  • Ability to work across multiple time zones with virtual global teams
  • Strong technical understanding of:
    • Cloud environments and shared responsibility models
    • Access control, change management, logging and altering, and vulnerability management and other security domains
  • Experience working in SaaS or cloud-native environments
  • Experience working cross-functionally with engineering and infrastructure teams

Preferred Qualifications:
  • Experience supporting multiple compliance frameworks (PCI DSS, PCI CP, SOC 2, FedRAMP, NIST 800-53/FISMA, ISO 27001/2, ISO 42001)
  • Experience with modern GRC platforms and control automation
  • Familiarity with continuous compliance / continuous monitoring models
  • Certifications such as: CISSP, CISA, CISM, CRISC, PCI ISA/QSA/PCI CP (preferred but not required)

Where You Will Be: Open to U.S.-based candidates and will be fully remote.
About Entrust:
Our growing company relies on curious, dedicated and innovative colleagues to anticipate the future and provide solutions for a more connected, mobile and secure world. Entrust technologies and expertise help government agencies, enterprises and financial institutions in more than 150 countries, serve and safeguard citizens, employees and consumers. Each year, our solutions secure billions of transactions - and every day, our technologies issue and manage more than 10 million secure identities. How do we do all of this? Together.
At Entrust, we don't just offer jobs - we offer career journeys. Here is what you can expect when you join our team: For more information, visit www.entrust.com. Follow us on, LinkedIn, Facebook, Instagram, and YouTube
Entrust Corporation is an EOE/AA/Veteran/People with Disabilities employer.
NO AGENCIES, NO RELOCATION
#LI-GR1
#ENT123
At Entrust, we don't just offer jobs - we offer career journeys. Here is what you can expect when you join our team:
  • Career Growth: Whether you're a budding developer or a seasoned expert, we're invested in your professional journey. With learning-forward initiatives and exciting challenges, your growth is our priority.

  • Flexibility: Life is all about balance. Whether you're remote, hybrid, or on-site, we offer flexible options that fit your lifestyle.

  • Collaboration: Here, your voice matters. Our teams thrive on sharing ideas, brainstorming solutions, and working together to build a better tomorrow.

We believe in securing identities-but it doesn't stop there. At Entrust, we're passionate about valuing all identities. Our culture is built on diversity, inclusion, and respect. From unconscious bias training for our leaders to global affinity groups that connect colleagues across the globe, we're creating a community where everyone is encouraged to be themselves.
Ready to Make an Impact?
If you're excited by the prospect of innovating, growing your career, and collaborating in a dynamic environment, Entrust is the place for you. Join us in making a difference. Let's build a more secure world-together.
Apply today!
For more information, visit www.entrust.com. Follow us on, LinkedIn, Facebook, Instagram, and YouTube
Compensation Range:
The anticipated starting base pay for this position is: $119,078-$174,648 per year (in the primary posting location). Actual compensation will be determined based on geographic location, education, skills and experience. This position is also eligible for the company's discretionary annual incentive plan. In addition to your pay, Entrust offers eligible colleagues and their dependents comprehensive health and well-being programs which include medical, vision, dental, a generous 401(k) matching contribution, life and disability insurance, mental health coaching, virtual fitness programs, paid personal time off plus 12 paid holidays, parental leave and education reimbursement. Please speak with the recruiter for more details. Note: Benefit and Compensation programs are subject to eligibility requirements and other terms of the applicable plan or program. Entrust has the right to end, suspend or amend any of its plans at any time in whole or in part.
For US roles, or where applicable:
Entrust is an EEO/AA/Disabled/Veterans Employer
For Canadian roles, or where applicable:
Entrust values diversity and inclusion and we are committed to building a diverse workforce with wide perspectives and innovative ideas. We welcome applications from qualified individuals of all backgrounds, and we strive to provide an accessible experience for candidates of all abilities.
If you require an accommodation, contact accessibility@entrust.com.
Recruiter:
James Beck