1

Grc Risk Analyst Jobs in Miami, FL (NOW HIRING)

Cybersecurity, IT GRC Practice Lead

Coral Gables, FL · On-site

$105K - $142K/yr

... AI Risk Management and more--and you love leading teams and effortlessly guiding your clients ... This position requires a highly analytical, detail-oriented professional with experience ...

This position requires a highly analytical, detail-oriented professional with experience ... What You'll Do: * Assist with Annual Risk Assessment & Audit Planning * Attend interviews with ...

next page

Showing results 1-20

Grc Risk Analyst information

See Miami, FL salary details

$14

$38

$62

How much do grc risk analyst jobs pay per hour?

As of Jul 15, 2026, the average hourly pay for grc risk analyst in Miami, FL is $38.72, according to ZipRecruiter salary data. Most workers in this role earn between $28.51 and $47.12 per hour, depending on experience, location, and employer.

What is the difference between Grc Risk Analyst vs Compliance Analyst?

AspectGrc Risk AnalystCompliance Analyst
CertificationsISO 31000, FRM, CRISCISO 19600, CCEP, CISA
Work EnvironmentRisk management teams, corporate officesRegulatory departments, corporate offices
Industry UsageFinance, banking, insurance, corporate riskFinancial services, healthcare, manufacturing
Job FocusIdentifying, assessing, and mitigating risks across enterpriseEnsuring compliance with laws and regulations

While both roles involve regulatory and risk considerations, a Grc Risk Analyst focuses on enterprise-wide risk management strategies, whereas a Compliance Analyst concentrates on adherence to specific laws and regulations. Both roles require similar certifications and often work in overlapping industries, but their core responsibilities differ in scope and focus.

What are GRC Risk Analysts?

GRC Risk Analysts are professionals who specialize in Governance, Risk, and Compliance (GRC) within an organization. They assess and manage risks related to business operations, ensure compliance with relevant laws and regulations, and help implement policies and controls to mitigate potential threats. These analysts work closely with management to identify vulnerabilities, develop risk management strategies, and monitor the effectiveness of compliance programs. Their goal is to protect the organization from financial, legal, and reputational harm while supporting business objectives.

What are the key skills and qualifications needed to thrive as a GRC Risk Analyst, and why are they important?

To thrive as a GRC (Governance, Risk, and Compliance) Risk Analyst, you need a solid understanding of risk management principles, regulatory requirements, and compliance frameworks, often supported by a degree in information security, business, or a related field. Familiarity with GRC platforms (such as RSA Archer or MetricStream), risk assessment methodologies, and certifications like CRISC or CISA is highly valuable. Strong analytical thinking, attention to detail, and effective communication skills help you identify risks and convey findings to stakeholders. These skills are critical for ensuring organizational compliance, minimizing risk exposure, and supporting informed decision-making.

What are some common challenges a GRC Risk Analyst might face when implementing new risk management frameworks within an organization?

A GRC Risk Analyst often encounters challenges such as resistance to change from stakeholders, integrating new frameworks with existing processes, and ensuring consistent understanding across departments. Aligning risk management practices with organizational goals while adhering to regulatory requirements can also be complex. Success in this role requires strong communication skills, adaptability, and the ability to educate and collaborate with team members from diverse backgrounds.
What job categories do people searching Grc Risk Analyst jobs in Miami, FL look for? The top searched job categories for Grc Risk Analyst jobs in Miami, FL are:
What cities near Miami, FL are hiring for Grc Risk Analyst jobs? Cities near Miami, FL with the most Grc Risk Analyst job openings:
Infographic showing various Grc Risk Analyst job openings in Miami, FL as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 84% Full Time, 8% Part Time, 2% Temporary, and 4% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $80,542 per year, or $38.7 per hour.
Lead, Information Risk and GRC

Other

Posted 10 days ago


Job description

Journey with us! Combine your career goals and sense of adventure by joining our exciting team of employees. Royal Caribbean Group is pleased to offer a competitive compensation and benefits package, and excellent career development opportunities, each offering unique ways to explore the world.

The Royal Caribbean Group's IT-Global Information Security Team has an exciting career opportunity for a full-time Lead, Information Risk and GRC reporting to the Sr Mgr, CyberSecurity Risk Management

The position is onsite and based in Miramar , Florida.

  • Essential Duties and Responsibilities: 
    We are seeking a highly skilled and experienced Lead, Information Risk and GRC with a strong emphasis on Third-Party Risk Management (TPRM) to join the Global Information Security (GIS) team. The ideal candidate will bring deep expertise in managing third-party cyber risk across the vendor lifecycle and enhancing GRC and TPRM programs and platforms. 
  •  
  • Lead and mature the organization's Third-Party Risk Management (TPRM) program, ensuring alignment with business objectives, vendor strategies, and regulatory requirements. 
  • Oversee end-to-end third-party risk lifecycle, including; Vendor onboarding and inherent risk tiering; Security due diligence (cyber risk assessments); Continuous monitoring and reassessment; Offboarding and risk closure 
  • Define and enhance third-party risk methodologies, including; Risk scoring models; Standardized assessment templates; Control validation and evidence review processes; Prioritize and assess vendor-related cyber risks, ensuring appropriate mitigation strategies, compensating controls, and risk acceptance processes are implemented. 
  • Provide executive-level reporting on third-party risk posture, including; Critical vendor risk exposure; Concentration risk insights; Remediation progress and SLA adherence 
  • Partner with Sr. Director and Sr. Manager to define the strategic roadmap for GRC and TPRM platforms, ensuring scalability and alignment to enterprise risk management needs. 
  • Lead configuration and optimization of TPRM workflows within platforms such as ServiceNow GRC / Archer / MetricStream; Intake workflows; Automated risk scoring; Evidence tracking; Issue remediation workflows 
  • Identify automation opportunities to improve; Vendor onboarding cycle time; Assessment throughput; Reporting and dashboards 
  • Oversee ongoing platform maintenance, enhancements, and user adoption across business units. 
  • Develop and maintain third-party risk policies, standards, and procedures.  
  • Ensure cyclical policy reviews with CISO, CIO, and senior leadership, with updates reflecting evolving supply chain threats. 
  • Act as SME for third-party risk during audits, regulatory reviews, and internal risk councils. 
  • Partner with Procurement, Legal, Privacy, and Business Owners to embed security requirements in vendor selection and contracting. 
  • Provide guidance and training to stakeholders on third-party risk processes and expectations. 
  • Support escalation management for high-risk or non-compliant vendors.

 

  • Qualifications, Knowledge and Skills:
    Bachelor's in information technology/security, Computer Science is preferred, non-technical degrees with Computer Science fundamentals will be considered combined with technology experience.  
  • At least one Information Security certification such as CISSP, CCSP, CEH, CRISC, GIAC, CISM, etc. required. 
  • 5-7 years of Information Security, Information Technology, Risk, Audit and/or a combination of experience. 
  • 5-7 years of managing projects and/or teams.   
  • 2-5 years of experience in GRC platform development.  
  • Proficiency in GRC platforms (e.g., RSA Archer, ServiceNow GRC, MetricStream) and risk assessment tools. Strong understanding of information security frameworks (e.g., NIST CSF, ISO 27001). 
  • Deep understanding of cyber risk management principles, threat modeling, and risk mitigation strategies. 
  • Strong analytical and problem-solving skills. Ability to assess risks, identify solutions, and make data-driven decisions. 
  • Previous experience in a lead or managerial role is highly desirable. 
  • Executive level written and verbal communications required. Ability to effectively communicate complex security concepts to both technical and non-technical audiences. 
  • Takes initiative and anticipates needs before they arise. 
  • Pays close attention to detail while maintaining a big-picture perspective. 
  • Works well with others and contributes to a positive team culture. 
  • Thrives in a fast-paced, dynamic environment. 

We know there's a lot to consider. As you go through the application process, our recruiters will be glad to provide guidance, and more relevant details to answer any additional questions. Thank you again for your interest in Royal Caribbean Group. We'll hope to see you onboard soon!

It is the policy of the Company to ensure equal employment and promotion opportunity to qualified candidates without discrimination or harassment on the basis of race, color, religion, sex, age, national origin, disability, sexual orientation, sexuality, gender identity or expression, marital status, or any other characteristic protected by law. Royal Caribbean Group and each of its subsidiaries prohibit and will not tolerate discrimination or harassment.