2

Internship Remote Grc Analyst Jobs (NOW HIRING)

Rosemead, CA- Remote Experience Needed: 10+ years About the Role We are seeking an experienced ... Access Risk Analysis (ARA) * Access Request Management (ARM) * Business Role Management (BRM)

Remote (Irvine, CA - Willing to travel for workshops) Duration: 6+ months Implementation Partner ... Deep expertise in SoD design and conflict analysis, Risk & control frameworks. (SOX compliance)

GRC Engineer

Chicago, IL · On-site +1

$130K - $145K/yr

Experience using SQL or data analysis for evidence collection and control sampling * Certifications ... We are not open to remote candidates for this role. Hybrid: For Chicago-based employees, we follow ...

Due to an increase in fraudulent candidates, remote candidates will be considered on a case-by-case ... Strong documentation, analytical, and organizational skills, with attention to detail * Ability to ...

This role is primarily remote, with occasional travel required for projects, collaboration, and ... Proven ability to analyze vendor security documentation (SOC 2 Type II, SIG questionnaires ...

Senior Analyst, Cyber GRC

Westminster, CO · On-site +1

$110K - $157K/yr

The Senior Analyst, Cybersecurity Governance, Risk, and Compliance (GRC) is responsible for ... The preferred location for this role is our Westminster, CO campus; but we will consider a remote ...

next page

Showing results 1-20

Internship Remote Grc Analyst information

See salary details

$12

$22

$42

How much do internship remote grc analyst jobs pay per hour?

As of Jul 6, 2026, the average hourly pay for internship remote grc analyst in the United States is $22.50, according to ZipRecruiter salary data. Most workers in this role earn between $17.31 and $24.52 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Remote GRC Analyst Intern, and why are they important?

To excel as a Remote GRC Analyst Intern, you need a foundational understanding of governance, risk management, and compliance concepts, often supported by coursework or a degree in information security or a related field. Familiarity with GRC platforms (like RSA Archer, ServiceNow GRC), risk assessment tools, and relevant certifications such as CompTIA Security+ or ISO 27001 is beneficial. Strong analytical thinking, attention to detail, and effective communication skills help you interpret regulations and present findings clearly. These skills ensure that you can identify risks, support compliance initiatives, and contribute to a secure and compliant organizational environment.

What is a Remote GRC Analyst Internship?

A Remote GRC (Governance, Risk, and Compliance) Analyst Internship is a temporary position where students or recent graduates gain hands-on experience working with an organization's risk management, compliance, and governance processes, all while working remotely. Interns in this role assist with identifying and assessing risks, ensuring compliance with regulations, and helping develop policies and controls. They often work with IT, legal, and compliance teams to support audits, analyze data, and document findings. This internship is ideal for those interested in cybersecurity, risk management, and regulatory compliance, and offers flexibility by allowing work from any location.

What types of projects and responsibilities can an Internship Remote GRC Analyst expect during their placement?

As a remote GRC (Governance, Risk, and Compliance) Analyst intern, you can expect to assist with tasks such as conducting risk assessments, reviewing compliance documentation, and supporting audits under the guidance of senior team members. You may participate in virtual meetings, collaborate on policy updates, and help track remediation efforts for identified risks. The role often involves learning to use GRC software tools, preparing reports, and communicating findings. This hands-on exposure provides valuable experience in understanding how organizations manage regulatory requirements and operational risks, often working closely with IT, legal, and security teams.
More about Internship Remote Grc Analyst jobs
What cities are hiring for Internship Remote Grc Analyst jobs? Cities with the most Internship Remote Grc Analyst job openings:
What are the most commonly searched types of Remote Grc Analyst jobs? The most popular types of Remote Grc Analyst jobs are:
What states have the most Internship Remote Grc Analyst jobs? States with the most job openings for Internship Remote Grc Analyst jobs include:
Senior SAP GRC Consultant

Other

Posted 13 days ago


Job description

Senior SAP GRC Consultant

Location: Rosemead, CA- Remote

Experience Needed: 10+ years

About the Role

We are seeking an experienced Senior SAP GRC Consultant with deep expertise in Access Control (AC), Process Control (PC), and Risk Management (RM) to design, implement, and sustain enterprise-grade governance, risk, and compliance frameworks across complex SAP landscapes. The ideal candidate has led end-to-end SAP GRC deployments, optimized SoD and risk rulesets, executed mass master data uploads using MDUG, automated controls and testing via CCM, scheduled MCP plans, and partnered closely with Security, Internal Audit, Compliance, and Business Process Owners to improve control maturity, reduce risk exposure, and conduct enterprise risk surveys. This role requires strong hands-on experience across backend SPRO configuration and front-end GRC operations.

Key Responsibilities

SAP GRC Access Control (AC)

  • Lead design, configuration, and rollout via SPRO for:
    • Access Risk Analysis (ARA)
    • Access Request Management (ARM)
    • Business Role Management (BRM)
    • Emergency Access Management (EAM)
  • Define, maintain, and tune SoD rulesets, risk functions, and mitigating controls aligned to business processes:
    • OTC, P2P, RTR, HCM, TM, and others
  • Implement workflow-driven access provisioning and approvals, including:
    • MSMP configuration
    • BRF+ rule design and optimization
  • Perform user-, role-, and authorization object–level risk analysis, define remediation strategies, and enforce least-privilege role design
  • Establish and operate Firefighter (FFID) governance:
    • FFID ID setup and assignment
    • Log review workflows
    • Control owner and reviewer maintenance
    • SLA compliance
  • Integrate SAP GRC AC with:
    • HR / IDM / IAM platforms (SAP IDM, Azure AD, SailPoint, Okta)
    • SAP Cloud Identity
    • Ticketing tools (ServiceNow, Jira)
  • Strong end-to-end SAP Fiori authorization configuration knowledge, including catalogs, groups, spaces, and OData services

SAP GRC Process Control (PC)

  • Perform mass master data uploads using the MDUG program
  • Design and implement:
    • Control libraries
    • Centralized control documentation
    • Test of Design (ToD) and Test of Effectiveness (ToE)
  • Configure and operate:
    • Automated Business Controls (ABC)
    • Continuous Control Monitoring (CCM)
    • Data sources, business rules, workflows, alerts, and background jobs
  • Schedule and manage MCP plans, certifications, and periodic control assessments
  • Align Process Control framework with:
    • SOX / ITGC
    • ISO 27001
    • COBIT
    • GDPR
    • Internal audit requirements
  • Build dashboards and reports for:
    • Control Owners
    • Process Owners
    • Internal Audit
    • Senior Management and Executives

SAP GRC Risk Management (RM)

  • Lead implementation and configuration of SAP GRC Risk Management module
  • Design and maintain:
    • Enterprise risk frameworks
    • Risk categories, risk attributes, and scoring methodologies
  • Create risks and assign controls, including:
    • Risk-to-control mapping
    • Preventive and detective control alignment
  • Configure and manage:
    • Risk assessments and risk surveys
    • Risk owners and responsible parties
    • Risk response strategies (accept, mitigate, transfer, avoid)
  • Enable risk monitoring, KRIs, and trend analysis
  • Support integration of RM with:
    • Process Control (PC)
    • Internal audit and compliance reporting
  • Prepare executive-level risk dashboards and risk exposure reports

Architecture, Integration & Operations

  • Define SAP GRC architecture across:
    • ECC and S/4HANA
    • SAP Cloud solutions (Ariba, SuccessFactors, Concur, Fieldglass)
    • Non-SAP systems where applicable
  • Support internal and external audits:
    • Evidence collection
    • Audit queries
    • Remediation and action plan tracking
  • Drive continuous improvement across:
    • Joiner–Mover–Leaver (JML) processes
    • Periodic access reviews
    • Control automation and operational efficiency
Required Qualifications & Experience

• 8+ years of hands-on SAP GRC experience across Access Control, Process Control, and Risk Management

• Minimum 2–3 full lifecycle implementations of SAP GRC modules

• Deep understanding of SAP authorization concepts:

  • Roles, profiles, authorization objects
  • SU24, PFCG, SUIM
  • Fiori catalogs, groups, spaces
  • OData services

• Proven experience with:

  • SoD rulesets (SAP standard and custom)
  • BRF+ rule maintenance
  • Mitigating control design

• Strong experience with:

  • EAM / Firefighter configuration and operations
  • Firefighter log reviews and compliance workflows
  • PC frameworks, CCM automation, issue and deficiency management
  • MCP plan scheduling

• Strong knowledge of SOX, ITGC, COBIT, NIST, ISO 27001, GDPR

• Excellent stakeholder management across IT Security, Audit, Compliance, and Business

• Reporting and analytics experience:

  • GRC standard reports
  • SAP BW/BI
  • SAP Analytics Cloud (preferred)

• Strong documentation and communication skills

Nice-to-Have

S/4HANA greenfield or brownfield migration experience

Integration experience with:

  • Azure AD, SailPoint, Okta
  • ServiceNow
  • SuccessFactors, Ariba, Concur, Fieldglass

Exposure to:

  • Cybersecurity programs
  • SIEM / SOAR integrations
  • Identity Governance & Administration (IGA)
  • Knowledge of SAP IAG / SAP Cloud Identity Access Governance
Certifications:
  • SAP Certified Associate – SAP Access Control
  • CISA / CISM / CRISC
  • CISSP
  • ISO 27001 Lead Implementer/Auditor

Diverse Lynx logo

About Diverse Lynx

Sourced by ZipRecruiter

Diverse Lynx, based in Princeton, NJ, US, is a reputable company in the Information Technology sector. The firm, as reflected through its website diverselynx.com, specializes in delivering comprehensive IT solutions. These solutions range from IT consulting to robust digital transformation strategies, IT staffing, and full-time placements services. The company was established in 2008, and it prides itself on providing simplified, efficient technology solutions designed to meet the unique needs of each client.

Industry

It services

Company size

51 - 200 Employees

Headquarters location

Princeton, NJ, US

Year founded

2002

Social media