1

Grc Risk Analyst Jobs (NOW HIRING)

Risk Analyst

Hauppauge, NY ยท On-site

$60K - $73K/yr

Plan, coordinate, and execute RCSAs within the GRC framework/tool (Quantivate) in accordance with ... Perform risk assessments by reviewing and analyzing evidence and documenting results through the ...

Hands-on experience with ServiceNow or another major GRC/risk/compliance tool * Understanding of risk, compliance, controls, audit, business continuity, or third-party risk * Ability to support users ...

Governance & Risk Analyst

Chicago, IL ยท On-site

$85K - $95K/yr

The GRC Analyst will support the organization's Governance, Risk & Compliance function with a primary focus on Third-Party Risk Management (TPRM) and Vendor Risk Assessments (VRA). This role is ...

... GRC, ServiceNow, LogicManager, or equivalent โ€ข Familiarity with enterprise risk frameworks and regulatory requirements โ€ข Strong written and verbal communication skills โ€ข Ability to analyze ...

GRC Analyst - Third Party Risk

Boston, MA ยท On-site

$70K - $110K/yr

As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security ...

New

As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security ...

New

GRC Analyst - Third Party Risk

Boston, MA ยท On-site

$70K - $110K/yr

As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security ...

New

Exposure to SOX, Model Risk Management (SR 11-7), AI Risk Management (NIST AI RMF), or IT GRC ... Strong analytical and critical thinking skills with attention to detail * Ability to translate ...

Exposure to SOX, Model Risk Management (SR 11-7), AI Risk Management (NIST AI RMF), or IT GRC ... Strong analytical and critical thinking skills with attention to detail * Ability to translate ...

Exposure to SOX, Model Risk Management (SR 11-7), AI Risk Management (NIST AI RMF), or IT GRC ... Strong analytical and critical thinking skills with attention to detail * Ability to translate ...

Maintains documentation and templates in the GRC toolset and makes recommendations for and implements tool and process improvements. * Collaborates with senior and lead risk analysts on activities ...

New

Maintains documentation and templates in the GRC toolset and makes recommendations for and implements tool and process improvements. * Collaborates with senior and lead risk analysts on activities ...

New

About You: * You have 8+ years supporting GRC programs in Information Security or Information ... Risk Analyst: * Working with a focus to level-up Information Security GRC at Crunchyroll

GRC Analyst - Third Party Risk

Boston, MA ยท On-site

$70K - $110K/yr

As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security ...

New

Exposure to SOX, Model Risk Management (SR 11-7), AI Risk Management (NIST AI RMF), or IT GRC ... Strong analytical and critical thinking skills with attention to detail * Ability to translate ...

Exposure to SOX, Model Risk Management (SR 11-7), AI Risk Management (NIST AI RMF), or IT GRC ... Strong analytical and critical thinking skills with attention to detail * Ability to translate ...

next page

Showing results 1-20

Grc Risk Analyst information

See salary details

$15

$40

$65

How much do grc risk analyst jobs pay per hour?

As of Jul 10, 2026, the average hourly pay for grc risk analyst in the United States is $40.49, according to ZipRecruiter salary data. Most workers in this role earn between $29.81 and $49.28 per hour, depending on experience, location, and employer.

What is the difference between Grc Risk Analyst vs Compliance Analyst?

AspectGrc Risk AnalystCompliance Analyst
CertificationsISO 31000, FRM, CRISCISO 19600, CCEP, CISA
Work EnvironmentRisk management teams, corporate officesRegulatory departments, corporate offices
Industry UsageFinance, banking, insurance, corporate riskFinancial services, healthcare, manufacturing
Job FocusIdentifying, assessing, and mitigating risks across enterpriseEnsuring compliance with laws and regulations

While both roles involve regulatory and risk considerations, a Grc Risk Analyst focuses on enterprise-wide risk management strategies, whereas a Compliance Analyst concentrates on adherence to specific laws and regulations. Both roles require similar certifications and often work in overlapping industries, but their core responsibilities differ in scope and focus.

What are GRC Risk Analysts?

GRC Risk Analysts are professionals who specialize in Governance, Risk, and Compliance (GRC) within an organization. They assess and manage risks related to business operations, ensure compliance with relevant laws and regulations, and help implement policies and controls to mitigate potential threats. These analysts work closely with management to identify vulnerabilities, develop risk management strategies, and monitor the effectiveness of compliance programs. Their goal is to protect the organization from financial, legal, and reputational harm while supporting business objectives.

What are the key skills and qualifications needed to thrive as a GRC Risk Analyst, and why are they important?

To thrive as a GRC (Governance, Risk, and Compliance) Risk Analyst, you need a solid understanding of risk management principles, regulatory requirements, and compliance frameworks, often supported by a degree in information security, business, or a related field. Familiarity with GRC platforms (such as RSA Archer or MetricStream), risk assessment methodologies, and certifications like CRISC or CISA is highly valuable. Strong analytical thinking, attention to detail, and effective communication skills help you identify risks and convey findings to stakeholders. These skills are critical for ensuring organizational compliance, minimizing risk exposure, and supporting informed decision-making.

What are some common challenges a GRC Risk Analyst might face when implementing new risk management frameworks within an organization?

A GRC Risk Analyst often encounters challenges such as resistance to change from stakeholders, integrating new frameworks with existing processes, and ensuring consistent understanding across departments. Aligning risk management practices with organizational goals while adhering to regulatory requirements can also be complex. Success in this role requires strong communication skills, adaptability, and the ability to educate and collaborate with team members from diverse backgrounds.
More about Grc Risk Analyst jobs
What cities are hiring for Grc Risk Analyst jobs? Cities with the most Grc Risk Analyst job openings:
What states have the most Grc Risk Analyst jobs? States with the most job openings for Grc Risk Analyst jobs include:
What job categories do people searching Grc Risk Analyst jobs look for? The top searched job categories for Grc Risk Analyst jobs are:
Infographic showing various Grc Risk Analyst job openings in the United States as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $84,210 per year, or $40.5 per hour.
Global Sr GRC Analyst

Global Sr GRC Analyst

UGI Corporation

King Of Prussia, PA โ€ข On-site

Full-time

Re-posted 17 days ago


Job description

Requisition Number: 29563
When you work for AmeriGas, you become a part of something BIG! Founded in 1959, AmeriGas is the nation's premier propane company, serving over 1.5 million residential, commercial, industrial and motor fuel propane customers. Together, over 6,500 dedicated professionals will deliver over 1 billion gallons of propane from 1,800+ distribution points across the United States.
Job Summary:
The Global Cybersecurity Senior GRC Analyst plays a critical role in ensuring that the organization operates within its regulatory, legal, and compliance obligations while managing risk effectively. The Global GRC Senior Analyst will report directly to the Global Cybersecurity Governance, Risk and Compliance Manager. This role involves collaborating with cross-functional teams to design, implement, and maintain governance, risk, and compliance processes. The ideal candidate is detail-oriented, analytical, and experienced in regulatory compliance, risk management frameworks, and governance best practices and must develop and apply continuous improvement strategies in all aspects of the job function.
Key Responsibilities:
Governance:
โ€ข Develop and maintain corporate policies, procedures, and frameworks to align with industry best practices (e.g., NIST CSF, SOX, PCI, etc.).
  • Assist with the development and maintenance of GRC process and procedure documentation.

โ€ข Ensure IT functions are in compliance with best practices and company policies and standards through assessments (i.e. peer reviews, audits, etc.)
  • Track key risk indicators and security metrics

Risk Management:
โ€ข Assist with conducting gap assessments to identify threats, vulnerabilities, and potential impacts on the organization.
โ€ข Develop and maintain the risk register, ensuring risks are documented, prioritized, and mitigated.
โ€ข Perform third-party/vendor risk assessments to evaluate potential risks associated with external partnerships and perform on-going monitoring to assess risk of engagement.
  • Maintain centralize documentation, continuous monitoring for vendors, formal escalation protocols for non-compliance to ensure alignment with enterprise risk tolerance.
  • Document risk acceptance decisions and compensating controls
  • Develop and maintain templates for consistent risk documentation
  • Assist in evaluating cybersecurity risk on incoming projects.
  • Assist and support team in performing cybersecurity due diligence on merger/acquisition targets.

Compliance:
โ€ข Ensure compliance with regulatory requirements (e.g., GDPR, HIPAA, SOX, PCI-DSS) and industry standards through monitoring and reporting metrics, security exceptions and using other methods to monitor compliance
โ€ข Drive compliance by maintaining the compliance framework to ensure policies and standards align to regulatory requirements, laws and best practices.
Stakeholder Engagement
  • Collaborate with business units to understand critical processes
  • Educate stakeholders on risk management concepts and frameworks
  • Partner with technical teams to validate remediation plans
  • Present risk findings to appropriate governance committees
  • Coordinate and collaborate with stakeholders to establish and track metrics for governance programs.

โ€ข Collaborate with stakeholders to monitor regulatory and industry developments to ensure
compliance with changes.
  • Coordinate and collaborate with stakeholders to track outcomes and metrics for all third-party breaches.
  • Advise stakeholders on compliance requirements and incorporate new metrics into governance life cycle process, including new tools as they are onboarded.
  • Coordinate the review of Policies and Standards through collaborating with stakeholders.

Collaboration and Reporting:
โ€ข Partner with IT, Legal, HR, and other departments to ensure alignment on risk and compliance efforts.
โ€ข Create and deliver regular risk and compliance metrics for senior leadership and boards.
โ€ข Serve as a subject matter expert (SME) for GRC-related queries and initiatives.
Qualifications:
Education and Experience:
โ€ข Bachelor's degree in Information Security, Risk Management, Computer Science, or related field, required.
โ€ข 4+ years of experience in GRC, risk management, or compliance roles.
Skills and Competencies:
โ€ข Strong understanding of GRC tools and platforms (e.g., RSA Archer, ServiceNow GRC).
โ€ข Familiarity with risk management frameworks (e.g., COBIT, FAIR) and compliance standards.
โ€ข Exceptional analytical, problem-solving, and organizational skills.
โ€ข Strong written and verbal communication skills, with the ability to interact effectively with stakeholders at all levels.
โ€ข Certifications such as CRISC, CISM, CISA or CISSP highly preferred.
Key Attributes:
โ€ข Attention to detail and ability to manage multiple priorities.
โ€ข Proactive mindset with a focus on continuous improvement.
โ€ข Collaborative team player who can influence without authority.
AmeriGas Propane, Inc. is an Equal Opportunity Employer. The Company does not discriminate on the basis of race, color, sex, national origin, disability, age, gender identity, sexual orientation, veteran status, or any other legally protected class in its practices.
AmeriGas is a Drug Free Workplace. Candidates must be willing to submit to a pre-employment drug screen and a criminal background check. Successful applicants shall be required to pass a pre-employment drug screen as a condition of employment, and if hired, shall be subject to substance abuse testing in accordance with AmeriGas policies. As a federal contractor that engages in safety-sensitive work, AmeriGas cannot permit employees in certain positions to use medical marijuana, even if prescribed by an authorized physician. Similarly, applicants for such positions who are actively using medical marijuana may be denied hire on that basis.

UGI logo

About UGI

Sourced by ZipRecruiter

UGI Corporation, headquartered in King of Prussia, PA, US, is a diversified utility service company engaged in the distribution and marketing of energy products and services on an international scale. Founded in 1882, the corporation operates through its various subsidiaries in the domestic and international markets. Its repertoire of products and services includes natural gas, liquid fuels, and electricity. The company has fundamentally positioned itself as a leader in the energy industry with a commitment to safety, reliability, and exceptional service. UGI's mission revolves around leading the way in delivering reliable, safe, and efficient energy solutions for customers.

Industry

Utilities

Company size

10,000+ Employees

Headquarters location

King of Prussia, PA, US

Year founded

1882

Social media