1

Grc Risk Jobs in Atlanta, GA (NOW HIRING)

About the Role Merci Technologies is seeking a GRC Analyst to support the governance, risk, and compliance program for one of our enterprise clients. This role sits at the intersection of security ...

This role will drive a risk-based security posture , ensure sustainable, audit-ready controls while reduce organizational risk and maintaining a defensible compliance position. The GRC Lead provides ...

GRC, SOX Project Lead

Atlanta, GA ยท On-site

$90K - $118K/yr

Job Title: GRC, SOX Project Lead Location: Atlanta, GA / New York, NY Job Type: Full Time Job ... Senior Risk Management Professional with deep expertise in SOX IT Controls, Risk Management ...

next page

Showing results 1-20

Grc Risk information

See Atlanta, GA salary details

$21.6K

$113.7K

$201.9K

How much do grc risk jobs pay per year?

As of Jul 13, 2026, the average yearly pay for grc risk in Atlanta, GA is $113,724.00, according to ZipRecruiter salary data. Most workers in this role earn between $81,300.00 and $139,400.00 per year, depending on experience, location, and employer.

What is the difference between Grc Risk vs Grc Analyst?

AspectGrc RiskGrc Analyst
CertificationsISO 31000, CRISC, COSOCISA, CRISC, CISSP
Work EnvironmentRisk management teams, compliance departmentsIT, audit, compliance teams
Industry UsageFinancial, healthcare, corporate sectorsIT, finance, consulting firms
Primary FocusIdentifying and managing enterprise risksAnalyzing controls, assessing risks in systems

Grc Risk professionals focus on enterprise-wide risk management strategies, while Grc Analysts typically analyze specific controls and systems to identify vulnerabilities. Both roles require similar certifications and often work within the same industries, but Grc Risk has a broader scope in risk oversight, whereas Grc Analysts concentrate on detailed control assessments.

What job categories do people searching Grc Risk jobs in Atlanta, GA look for? The top searched job categories for Grc Risk jobs in Atlanta, GA are:
Infographic showing various Grc Risk job openings in Atlanta, GA as of July 2026, with employment types broken down into 89% Full Time, and 11% Contract. Highlights an 67% In-person, and 33% Remote job distribution, with an average salary of $113,724 per year, or $54.7 per hour.

GRC Analyst

Merci Technologies - Talent

Atlanta, GA โ€ข Remote

Full-time

Posted 18 days ago


Job description

About the Role
Merci Technologies is seeking a GRC Analyst to support the governance, risk, and compliance program for one of our enterprise clients. This role sits at the intersection of security, audit, and business operations, translating complex regulatory and framework requirements into practical controls that teams can actually implement and sustain. You will be the person who knows where the control gaps are, what the auditors are going to ask for, and how to keep the organization audit-ready year round rather than scrambling at assessment time.

The work is varied and visible. In a given month you might run a control assessment against NIST CSF, prepare evidence for a SOC 2 examination, complete a vendor risk review for a new SaaS purchase, and brief stakeholders on the status of open findings. You will maintain the policy library, track risk to closure, and act as a trusted advisor to engineering and business teams who need to understand what compliance requires of them. This is a strong fit for someone who is organized, detail-driven, and comfortable holding teams accountable to commitments. This is a fully remote position open to Contract or Full-Time candidates.

Key Responsibilities

  • Conduct control assessments and gap analyses against frameworks including NIST CSF, NIST 800-53, ISO 27001, SOC 2, and CMMC
  • Plan and support internal and third-party audits, including scoping, evidence collection, and walkthroughs
  • Track audit and assessment findings to remediation and closure, escalating risks where needed
  • Develop, maintain, and version-control security policies, standards, and procedures
  • Perform vendor and third-party risk assessments and document risk acceptance decisions
  • Build and maintain the risk register and report risk posture to leadership and stakeholders
  • Support regulatory, customer, and compliance reporting requests
  • Help operationalize new framework or regulatory requirements as they emerge

Required Qualifications

  • 3 to 5 years of experience in governance, risk, and compliance, IT audit, or information security
  • Working knowledge of one or more frameworks: NIST CSF, NIST 800-53, ISO 27001, SOC 2, or CMMC
  • Demonstrated experience supporting audit cycles and risk assessments end to end
  • Ability to read a control requirement and translate it into clear, actionable guidance
  • Strong documentation, organization, and stakeholder communication skills

Preferred Qualifications

  • CISA, CRISC, ISO 27001 Lead Auditor, or CISSP certification
  • Hands-on experience with GRC platforms such as Archer, ServiceNow GRC, or OneTrust
  • Familiarity with defense, healthcare, or financial-services compliance requirements
  • Experience with CMMC readiness and assessment preparation

What You Will Bring
You are the kind of person who reads the fine print and keeps the spreadsheet honest. You can push a remediation owner for an update without burning the relationship, and you can explain to a busy engineer why a control matters in language they care about. You treat compliance as a way to make the organization genuinely more secure, not just to pass an audit.