The IT GRC Analyst 2 assess, tests, documents, and monitors the SECU technology ecosystem to ensure the IT control environment effectively mitigates risks associated with an everchanging threat ...
The IT GRC Analyst 2 assess, tests, documents, and monitors the SECU technology ecosystem to ensure the IT control environment effectively mitigates risks associated with an everchanging threat ...
Cybersecurity, IT GRC Practice Lead
$105K - $142K/yr
Are you a passionate about growing an IT Cybersecurity and IT GRC Compliance advisory practice? Elevate is looking for a dynamic, hard charging IT Service Delivery Practice Lead who thrives on ...
Quick apply
Cybersecurity, IT GRC Practice Lead
$105K - $142K/yr
Are you a passionate about growing an IT Cybersecurity and IT GRC Compliance advisory practice? Elevate is looking for a dynamic, hard charging IT Service Delivery Practice Lead who thrives on ...
IT GRC Analyst II
Raleigh, NC · On-site
The IT GRC Analyst 2 assess, tests, documents, and monitors the SECU technology ecosystem to ensure the IT control environment effectively mitigates risks associated with an everchanging threat ...
IT GRC Analyst II
Raleigh, NC · On-site
The IT GRC Analyst 2 assess, tests, documents, and monitors the SECU technology ecosystem to ensure the IT control environment effectively mitigates risks associated with an everchanging threat ...
IT GRC Analyst
Tempe, AZ · Hybrid
$43 - $57.50/hr
Responsibilities The IT GRC Analyst will work on a team of certified Payment Card Industry Internal Security Assessors (PCI ISA) on State Farm's ET-PCI Compliance and Consulting (PCI C&C) Team. This ...
IT GRC Analyst
Tempe, AZ · Hybrid
$43 - $57.50/hr
Responsibilities The IT GRC Analyst will work on a team of certified Payment Card Industry Internal Security Assessors (PCI ISA) on State Farm's ET-PCI Compliance and Consulting (PCI C&C) Team. This ...
IT GRC Analyst
Richardson, TX · Hybrid
$40.75 - $54.50/hr
Responsibilities The IT GRC Analyst will work on a team of certified Payment Card Industry Internal Security Assessors (PCI ISA) on State Farm's ET-PCI Compliance and Consulting (PCI C&C) Team. This ...
IT GRC Analyst
Richardson, TX · Hybrid
$40.75 - $54.50/hr
Responsibilities The IT GRC Analyst will work on a team of certified Payment Card Industry Internal Security Assessors (PCI ISA) on State Farm's ET-PCI Compliance and Consulting (PCI C&C) Team. This ...
IT GRC Analyst
Dunwoody, GA · Hybrid
$44.50 - $59.50/hr
Responsibilities The IT GRC Analyst will work on a team of certified Payment Card Industry Internal Security Assessors (PCI ISA) on State Farm's ET-PCI Compliance and Consulting (PCI C&C) Team. This ...
IT GRC Analyst
Dunwoody, GA · Hybrid
$44.50 - $59.50/hr
Responsibilities The IT GRC Analyst will work on a team of certified Payment Card Industry Internal Security Assessors (PCI ISA) on State Farm's ET-PCI Compliance and Consulting (PCI C&C) Team. This ...
IT GRC Analyst
Bloomington, IL · Hybrid
$42.75 - $57/hr
Responsibilities The IT GRC Analyst will work on a team of certified Payment Card Industry Internal Security Assessors (PCI ISA) on State Farm's ET-PCI Compliance and Consulting (PCI C&C) Team. This ...
IT GRC Analyst
Bloomington, IL · Hybrid
$42.75 - $57/hr
Responsibilities The IT GRC Analyst will work on a team of certified Payment Card Industry Internal Security Assessors (PCI ISA) on State Farm's ET-PCI Compliance and Consulting (PCI C&C) Team. This ...
Cybersecurity GRC Evaluator - Expert - AI Trainer
Chicago, IL · Remote
$80 - $120/hr
Cybersecurity / IT GRC Evaluator Type: Contract Compensation: $80-$120/hour Location: Remote Role Responsibilities * Evaluate AI-generated artifacts against domain-specific quality rubrics.
New
Quick apply
Cybersecurity GRC Evaluator - Expert - AI Trainer
Chicago, IL · Remote
$80 - $120/hr
Cybersecurity / IT GRC Evaluator Type: Contract Compensation: $80-$120/hour Location: Remote Role Responsibilities * Evaluate AI-generated artifacts against domain-specific quality rubrics.
New
Overview The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the ...
Overview The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the ...
The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the Chief ...
The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the Chief ...
Overview The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the ...
Overview The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the ...
Overview The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the ...
Overview The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the ...
ServiceNow GRC/ IRM Consultant
Raleigh, NC · On-site
Total IT GRC experience: Over 8-12 yrs. * Relevant ServiceNow IRM experience: Over 4years which includes technology implementation, upgrades, migration, architecting, processes. * Excellent ...
ServiceNow GRC/ IRM Consultant
Raleigh, NC · On-site
Total IT GRC experience: Over 8-12 yrs. * Relevant ServiceNow IRM experience: Over 4years which includes technology implementation, upgrades, migration, architecting, processes. * Excellent ...
IT GRC Analyst II Location: On-Site role in Santa Ana, CA. Compensation: starting at $100K+ DOE *Actual compensation may vary from posting based on geographic location, work experience, education ...
IT GRC Analyst II Location: On-Site role in Santa Ana, CA. Compensation: starting at $100K+ DOE *Actual compensation may vary from posting based on geographic location, work experience, education ...
IT GRC Analyst II Location: On-Site role in Santa Ana, CA. Compensation: starting at $100K+ DOE *Actual compensation may vary from posting based on geographic location, work experience, education ...
IT GRC Analyst II Location: On-Site role in Santa Ana, CA. Compensation: starting at $100K+ DOE *Actual compensation may vary from posting based on geographic location, work experience, education ...
Cybersecurity GRC Analyst II
Santa Ana, CA · On-site
$100K/yr
IT GRC Analyst II Location: On-Site role in Santa Ana, CA. Compensation: starting at $100K+ DOE *Actual compensation may vary from posting based on geographic location, work experience, education ...
Cybersecurity GRC Analyst II
Santa Ana, CA · On-site
$100K/yr
IT GRC Analyst II Location: On-Site role in Santa Ana, CA. Compensation: starting at $100K+ DOE *Actual compensation may vary from posting based on geographic location, work experience, education ...
Lead or co-lead the design, implementation, and assessment of IT GRC programs including risk management frameworks, control libraries, and compliance roadmaps * Conduct risk assessments, control gap ...
Quick apply
Lead or co-lead the design, implementation, and assessment of IT GRC programs including risk management frameworks, control libraries, and compliance roadmaps * Conduct risk assessments, control gap ...
Lead or co-lead the design, implementation, and assessment of IT GRC programs including risk management frameworks, control libraries, and compliance roadmaps * Conduct risk assessments, control gap ...
Lead or co-lead the design, implementation, and assessment of IT GRC programs including risk management frameworks, control libraries, and compliance roadmaps * Conduct risk assessments, control gap ...
Lead or co-lead the design, implementation, and assessment of IT GRC programs including risk management frameworks, control libraries, and compliance roadmaps * Conduct risk assessments, control gap ...
Lead or co-lead the design, implementation, and assessment of IT GRC programs including risk management frameworks, control libraries, and compliance roadmaps * Conduct risk assessments, control gap ...
Senior IT GRC Auditor - Miami Florida
$89K - $118K/yr
IT GRC Auditor Consultant ONSITE - CORAL GABLES, MIAMI, FLORIDA www.elevateconsult.com Are you passionate about working in a complex IT environment where security and data privacy are a primary focus ...
Quick apply
Senior IT GRC Auditor - Miami Florida
$89K - $118K/yr
IT GRC Auditor Consultant ONSITE - CORAL GABLES, MIAMI, FLORIDA www.elevateconsult.com Are you passionate about working in a complex IT environment where security and data privacy are a primary focus ...
It Grc information
See salary details
$27.16 - $32.34
3% of jobs
$32.34 - $37.52
4% of jobs
$37.52 - $42.70
7% of jobs
$42.70 - $47.88
8% of jobs
$48.48 is the 25th percentile. Wages below this are outliers.
$47.88 - $53.06
16% of jobs
The median wage is $56.08 / hr.
$53.06 - $58.24
19% of jobs
$58.24 - $63.42
17% of jobs
$63.56 is the 75th percentile. Wages above this are outliers.
$63.42 - $68.60
9% of jobs
$68.60 - $73.78
7% of jobs
$73.78 - $78.96
6% of jobs
$78.96 - $84.13
2% of jobs
$27
$57
$84
How much do it grc jobs pay per hour?
As of Jun 13, 2026, the average hourly pay for it grc in the United States is $57.43, according to ZipRecruiter salary data. Most workers in this role earn between $48.80 and $65.87 per hour, depending on experience, location, and employer.
What are some common challenges faced by IT GRC professionals, and how can they be addressed?
IT GRC (Governance, Risk, and Compliance) professionals often encounter challenges such as keeping up with rapidly evolving regulations, balancing security with business objectives, and ensuring cross-departmental collaboration. Staying updated requires continuous learning and leveraging industry resources. Building strong relationships with stakeholders across IT, legal, and business teams helps streamline compliance processes, while utilizing automated GRC tools can improve efficiency and accuracy. Proactive communication and ongoing training are key strategies for overcoming these challenges.
What jobs make $10,000 a month without a degree?
In the IT GRC (Governance, Risk, and Compliance) field, experienced professionals such as cybersecurity auditors, compliance managers, or risk analysts can earn $10,000 or more monthly through specialized skills, certifications, and consulting work. These roles often require expertise in security frameworks, regulatory standards, and risk management tools, with many opportunities available in consulting firms or as independent contractors.
Can you make $500,000 a year in cyber security?
IT GRC (Governance, Risk, and Compliance) professionals can potentially earn $500,000 annually, especially at senior levels or in executive roles such as Chief Information Security Officer (CISO). Achieving this salary typically requires extensive experience, advanced certifications like CISSP or CISA, and leadership responsibilities within large organizations. Compensation varies based on industry, location, and individual expertise.
What are the key skills and qualifications needed to thrive as an IT GRC (Governance, Risk, and Compliance) professional, and why are they important?
To thrive as an IT GRC professional, you need a solid understanding of information security, risk management frameworks, regulatory compliance, and often a bachelor's degree in information technology or a related field. Familiarity with tools like GRC platforms (e.g., RSA Archer, ServiceNow GRC), audit management systems, and certifications such as CISA, CISSP, or CRISC are typically required. Strong analytical thinking, attention to detail, and effective communication skills help you assess risks and collaborate with stakeholders. These skills are crucial for ensuring organizations meet regulatory requirements, manage IT risks, and maintain robust security postures.
Is GRC high paying?
GRC (Governance, Risk, and Compliance) roles in IT are generally considered to be well-paying, especially for professionals with certifications like CISSP or CISA and experience in cybersecurity or audit. Salaries vary based on location, experience, and company size but tend to be above average compared to other IT positions.
What is the role of GRC in IT?
In IT, GRC (Governance, Risk Management, and Compliance) professionals develop and implement policies to ensure that IT systems meet regulatory requirements, manage security risks, and align with organizational goals. They often work with frameworks like ISO 27001 or NIST and utilize tools such as risk assessment software to maintain security and compliance standards.
What is IT GRC?
IT GRC stands for Information Technology Governance, Risk, and Compliance. It refers to the framework and processes that organizations use to ensure their IT operations align with business goals, effectively manage risks, and comply with relevant laws and regulations. IT GRC professionals help organizations create policies, implement controls, monitor compliance, and respond to audits. Their work is essential for protecting data, reducing security risks, and maintaining the trust of customers and stakeholders.
What is the difference between It Grc vs Cybersecurity Analyst?
| Aspect | It Grc | Cybersecurity Analyst |
|---|---|---|
| Required Certifications | ISO 27001 Lead Implementer, CISSP, CISA | CISSP, CompTIA Security+, CEH |
| Work Environment | Policy development, risk management, compliance | Threat detection, incident response, security monitoring |
| Employer & Industry Usage | Corporate compliance, risk management teams | Security operations centers, IT departments |
It Grc professionals focus on establishing policies, managing risks, and ensuring compliance with regulations. Cybersecurity Analysts primarily monitor security threats, respond to incidents, and protect systems. While both roles require security knowledge, It Grc emphasizes governance and risk management, whereas Cybersecurity Analysts are more involved in technical threat mitigation.
More about It Grc jobs
What cities are hiring for It Grc jobs? Cities with the most It Grc job openings:
What are the most commonly searched types of It Grc jobs? The most popular types of It Grc jobs are:
What states have the most It Grc jobs? States with the most job openings for It Grc jobs include:
What job categories do people searching It Grc jobs look for? The top searched job categories for It Grc jobs are:
Full-time
Posted 11 days ago
Job description
If you are motivated and believe in the credit union philosophy of "People Helping People," join our team!
The IT GRC Analyst 2 assess, tests, documents, and monitors the SECU technology ecosystem to ensure the IT control environment effectively mitigates risks associated with an everchanging threat landscape. The IT GRC Analyst will possess a wide range of technical and interpersonal skills to bridge the gap between technology organizations and the business. Must have a big-picture perspective, ability to execute end-to-end risk management processes, and ability to quickly establish trust and build productive relationships across multiple departments. The IT GRC Analyst will require expertise to perform technology risk assessments, provide input to and/or document IT policies, standards, and guidelines, develop, monitor, and track risk remediation plans, and aggregate and report key risk metrics to senior stakeholders.
Responsibilities:
20% - Identify, document, and monitor technology risks present across both internal and external (vendor / cloud) environments
20% - Quantify inherent and residual IT risk levels to enhance analytics, inform prioritizations, and for use in management reporting
20% - Work with risk remediation owners to establish remediation plans with milestones and target dates, and monitor progress towards remediation, escalating as appropriate
20% - Execute technology risk management processes and provide input to support continuous improvement of process and program design
10% - Perform risk and controls assessments while aggregating reporting for Audit and/or Regulatory issues.
10% - Partner with relevant stakeholders to establish clear and consistent IT risk reporting, metrics, KRIs, and KPIs to inform decision making
Required Relevant Experience - 5 Years
Required Knowledge, Abilities and Skills:
* Teamwork, collaboration, self-driven and effective communication skills - both written and verbal.
* 3+ years of IT Security and/or IT Risk Management experience working in a mid-to-large size company
* Basic proficiency or ability to learn one or more of the following: * Risk and controls assessments
* Documenting and maintaining IT Policies / Standards
* IT Risk aggregation, reporting, KPI/KRIs
* Issues management
* Third party risk management
* Working knowledge of various industry security standards and frameworks including: NIST, ISO 27001, ISF Standard of Good Practice (SoGP), etc.
Desired Knowledge, Abilities, Skills:
* Knowledge of modern enterprise and security architectures, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses.
* Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, OSCE, or other relevant industry certification
* Experience working in a financial institution.
* Experience working within a DevOps environment.
SECU provides equal employment opportunity to all qualified persons regardless of race, color, religion, age, sex, sexual orientation, gender identity, national origin, genetic information, disability, veteran status, or other classification protected by law.
Disclaimer
State Employees' Credit Union reserves the right to fill this role at a higher/lower level based on business need.