The IT GRC Analyst 2 assess, tests, documents, and monitors the SECU technology ecosystem to ensure the IT control environment effectively mitigates risks associated with an everchanging threat ...
The IT GRC Analyst 2 assess, tests, documents, and monitors the SECU technology ecosystem to ensure the IT control environment effectively mitigates risks associated with an everchanging threat ...
IT GRC Analyst II
Raleigh, NC · On-site
The IT GRC Analyst 2 assess, tests, documents, and monitors the SECU technology ecosystem to ensure the IT control environment effectively mitigates risks associated with an everchanging threat ...
IT GRC Analyst II
Raleigh, NC · On-site
The IT GRC Analyst 2 assess, tests, documents, and monitors the SECU technology ecosystem to ensure the IT control environment effectively mitigates risks associated with an everchanging threat ...
Governance, Risk & Compliance (GRC) Analyst (Level II, III, or Lead) **final title will be ... Design, lead, and perform comprehensive IT control reviews and compliance testing aligned with ...
Governance, Risk & Compliance (GRC) Analyst (Level II, III, or Lead) **final title will be ... Design, lead, and perform comprehensive IT control reviews and compliance testing aligned with ...
Overview The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the ...
Overview The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the ...
The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the Chief ...
The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the Chief ...
Cybersecurity GRC Analyst II
Santa Ana, CA · On-site
$100K/yr
IT GRC Analyst II Location: On-Site role in Santa Ana, CA. Compensation: starting at $100K+ DOE *Actual compensation may vary from posting based on geographic location, work experience, education ...
Cybersecurity GRC Analyst II
Santa Ana, CA · On-site
$100K/yr
IT GRC Analyst II Location: On-Site role in Santa Ana, CA. Compensation: starting at $100K+ DOE *Actual compensation may vary from posting based on geographic location, work experience, education ...
Governance, Risk & Compliance (GRC) Analyst (Level II, III, or Lead) **final title will be ... Design, lead, and perform comprehensive IT control reviews and compliance testing aligned with ...
Governance, Risk & Compliance (GRC) Analyst (Level II, III, or Lead) **final title will be ... Design, lead, and perform comprehensive IT control reviews and compliance testing aligned with ...
Overview The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the ...
Overview The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the ...
Overview The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the ...
Overview The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the ...
Associate GRC Analyst
Frisco, TX · On-site
$72K - $97K/yr
The Associate GRC Analyst will work closely with senior GRC, security, legal, and IT stakeholders to help ensure regulatory, contractual, and internal security requirements are met. Candidates should ...
Associate GRC Analyst
Frisco, TX · On-site
$72K - $97K/yr
The Associate GRC Analyst will work closely with senior GRC, security, legal, and IT stakeholders to help ensure regulatory, contractual, and internal security requirements are met. Candidates should ...
Associate GRC Analyst
Frisco, TX · Hybrid
$72K - $97K/yr
The Associate GRC Analyst will work closely with senior GRC, security, legal, and IT stakeholders to help ensure regulatory, contractual, and internal security requirements are met. Candidates should ...
Associate GRC Analyst
Frisco, TX · Hybrid
$72K - $97K/yr
The Associate GRC Analyst will work closely with senior GRC, security, legal, and IT stakeholders to help ensure regulatory, contractual, and internal security requirements are met. Candidates should ...
Cybersecurity, IT GRC Practice Lead
Coral Gables, FL · On-site
$105K - $142K/yr
Are you a passionate about growing an IT Cybersecurity and IT GRC Compliance advisory practice ... This position requires a highly analytical, detail-oriented professional with experience ...
Quick apply
Cybersecurity, IT GRC Practice Lead
Coral Gables, FL · On-site
$105K - $142K/yr
Are you a passionate about growing an IT Cybersecurity and IT GRC Compliance advisory practice ... This position requires a highly analytical, detail-oriented professional with experience ...
IT Audit Analyst (GRC)
Chicago, IL · On-site
JOB SUMMARY The IT GRC Analyst reports to the Director of IT Governance, Risk & Compliance (GRC) and supports day-to-day IT audit and compliance activities to help ensure systems and processes are ...
IT Audit Analyst (GRC)
Chicago, IL · On-site
JOB SUMMARY The IT GRC Analyst reports to the Director of IT Governance, Risk & Compliance (GRC) and supports day-to-day IT audit and compliance activities to help ensure systems and processes are ...
GRC Analyst - Fulltime
Portland, OR · On-site
GRC Analyst Location: Portland, OR Duration: Full Time We are seeking a detail-oriented and ... It is ideal for professionals with 8 or more years of experience in GRC, IT audit, or cybersecurity ...
GRC Analyst - Fulltime
Portland, OR · On-site
GRC Analyst Location: Portland, OR Duration: Full Time We are seeking a detail-oriented and ... It is ideal for professionals with 8 or more years of experience in GRC, IT audit, or cybersecurity ...
Pncpl GRC Analyst
Herndon, VA · Remote
With built-in governance, control, and insight, it creates a connected ecosystem for confident ... As a Principal GRC Analyst you will be part of the team responsible for audits of cloud ...
Pncpl GRC Analyst
Herndon, VA · Remote
With built-in governance, control, and insight, it creates a connected ecosystem for confident ... As a Principal GRC Analyst you will be part of the team responsible for audits of cloud ...
May coach and mentor Do you have what it takes to be an H-E-B Senior Governance, Risk, & Compliance (GRC) Analyst? * Strong working knowledge of security issues for desktop, virtual, cloud services ...
May coach and mentor Do you have what it takes to be an H-E-B Senior Governance, Risk, & Compliance (GRC) Analyst? * Strong working knowledge of security issues for desktop, virtual, cloud services ...
GRC Analyst
Lowell, MA · On-site
Position Overview: We are seeking a motivated and detail-oriented GRC Analyst to join our ... Bachelor's degree in Information Security, Cybersecurity, IT, or related field (or equivalent ...
GRC Analyst
Lowell, MA · On-site
Position Overview: We are seeking a motivated and detail-oriented GRC Analyst to join our ... Bachelor's degree in Information Security, Cybersecurity, IT, or related field (or equivalent ...
Direct Hire - Full-Time Employment Max Salary Range: $110 k- 115K + Bonus Position Overview We are seeking an experienced SAP GRC Analyst to serve as the critical link between IT and business ...
Direct Hire - Full-Time Employment Max Salary Range: $110 k- 115K + Bonus Position Overview We are seeking an experienced SAP GRC Analyst to serve as the critical link between IT and business ...
Cybersecurity GRC Analyst
Austin, TX · On-site +1
Cybersecurity GRC Analyst ---- Hiring Department: Information Security Office ---- Position Open To ... Collaborate with research IT, sponsored programs, legal, and research stakeholders to support ...
Cybersecurity GRC Analyst
Austin, TX · On-site +1
Cybersecurity GRC Analyst ---- Hiring Department: Information Security Office ---- Position Open To ... Collaborate with research IT, sponsored programs, legal, and research stakeholders to support ...
Be Seen First
Cyber GRC Analyst
Phoenix, AZ · Remote
$65K - $90K/yr
As a GRC Analyst, you will serve as the primary compliance and governance resource for a major ... It's missing process, accountability, and follow-through. That's what we fix. • We're a lean ...
Quick apply
Be Seen First
Cyber GRC Analyst
Phoenix, AZ · Remote
$65K - $90K/yr
As a GRC Analyst, you will serve as the primary compliance and governance resource for a major ... It's missing process, accountability, and follow-through. That's what we fix. • We're a lean ...
It Grc Analyst information
See salary details
$36.5K - $54K
24% of jobs
$54.5K is the 25th percentile. Wages below this are outliers.
$54K - $71.4K
16% of jobs
The median wage is $80.6K / yr.
$71.4K - $88.9K
18% of jobs
$104.8K is the 75th percentile. Wages above this are outliers.
$88.9K - $106.3K
18% of jobs
$106.3K - $123.8K
11% of jobs
$123.8K - $141.2K
4% of jobs
$141.2K - $158.7K
1% of jobs
$158.7K - $176.1K
1% of jobs
$176.1K - $193.6K
2% of jobs
$193.6K - $211K
2% of jobs
$211K - $228.5K
2% of jobs
$36.5K
$97.7K
$228.5K
How much do it grc analyst jobs pay per year?
As of Jun 16, 2026, the average yearly pay for it grc analyst in the United States is $97,659.00, according to ZipRecruiter salary data. Most workers in this role earn between $55,000.00 and $111,000.00 per year, depending on experience, location, and employer.
What are IT GRC Analysts?
IT GRC Analysts are professionals who specialize in managing and overseeing an organization's Information Technology (IT) Governance, Risk, and Compliance (GRC) programs. Their main responsibilities include assessing risks to IT systems, ensuring compliance with relevant laws and regulations, and developing policies to strengthen IT governance. They also work closely with other departments to identify and mitigate security risks, conduct audits, and provide recommendations for process improvements. By doing so, IT GRC Analysts help organizations protect their data and maintain regulatory compliance.
What does a GRC analyst do?
A GRC (Governance, Risk, and Compliance) analyst is responsible for managing an organization's IT governance, assessing risks, and ensuring compliance with regulations and policies. They often use tools like GRC software, perform audits, and develop strategies to mitigate security and operational risks. Strong analytical skills and knowledge of cybersecurity standards are essential for this role.
What are the key skills and qualifications needed to thrive as an IT GRC Analyst, and why are they important?
To thrive as an IT GRC Analyst, you need a solid understanding of IT risk management, compliance frameworks (like ISO 27001 or NIST), and a relevant degree in information technology or cybersecurity. Familiarity with GRC tools (such as Archer or ServiceNow), audit management systems, and industry certifications like CISA or CRISC are commonly required. Strong analytical thinking, attention to detail, and effective communication skills help you interpret complex regulations and work with diverse stakeholders. These competencies ensure organizations effectively manage risks, maintain regulatory compliance, and protect critical information assets.
What is the difference between It Grc Analyst vs It Security Analyst?
| Aspect | It Grc Analyst | It Security Analyst |
|---|---|---|
| Certifications | ISO 27001, CISSP, CISA | CISSP, CEH, CompTIA Security+ |
| Work Environment | Risk management, policy development, compliance | Security monitoring, incident response, threat analysis |
| Employer & Industry Usage | Finance, healthcare, government, corporate | IT firms, cybersecurity companies, large enterprises |
The It Grc Analyst primarily focuses on governance, risk management, and compliance frameworks, ensuring organizations adhere to regulations. In contrast, the It Security Analyst concentrates on protecting systems from security threats through monitoring and incident response. Both roles require certifications like CISSP and work within similar industries, but their core responsibilities differ—one emphasizes policy and compliance, the other security operations.
What are some common challenges faced by IT GRC Analysts, and how can they effectively address them?
IT GRC Analysts often face challenges such as keeping up with rapidly changing compliance regulations, managing complex risk assessments, and ensuring organization-wide adherence to policies. To address these, analysts should prioritize continuous learning, collaborate closely with IT and business teams, and utilize automated GRC tools to streamline processes. Building strong communication skills also helps in advocating for compliance and fostering a culture of risk awareness across the organization.
What jobs pay $2000 a day?
In the cybersecurity field, roles such as IT GRC Analysts, cybersecurity consultants, and senior security advisors can earn $2,000 or more per day, especially with specialized skills, certifications like CISSP or CISA, and extensive experience. These high-paying positions often involve consulting, contract work, or leadership responsibilities in organizations with complex security needs.
What jobs pay 500,000 a year in the US?
In the US, high-paying roles such as senior IT GRC analysts, chief information security officers, and executive-level cybersecurity leaders can earn $500,000 or more annually, especially with extensive experience, certifications like CISSP, and leadership responsibilities. These positions often require advanced skills in risk management, compliance, and security tools, and may include bonuses and stock options.
What jobs will boom in 2026?
In 2026, roles like IT GRC Analysts are expected to grow due to increasing cybersecurity and compliance needs. Demand for professionals skilled in risk management, regulatory frameworks, and cybersecurity tools will likely rise across various industries.
More about It Grc Analyst jobs
What cities are hiring for It Grc Analyst jobs? Cities with the most It Grc Analyst job openings:
What states have the most It Grc Analyst jobs? States with the most job openings for It Grc Analyst jobs include:
What job categories do people searching It Grc Analyst jobs look for? The top searched job categories for It Grc Analyst jobs are:
Full-time
Posted 14 days ago
Job description
If you are motivated and believe in the credit union philosophy of "People Helping People," join our team!
The IT GRC Analyst 2 assess, tests, documents, and monitors the SECU technology ecosystem to ensure the IT control environment effectively mitigates risks associated with an everchanging threat landscape. The IT GRC Analyst will possess a wide range of technical and interpersonal skills to bridge the gap between technology organizations and the business. Must have a big-picture perspective, ability to execute end-to-end risk management processes, and ability to quickly establish trust and build productive relationships across multiple departments. The IT GRC Analyst will require expertise to perform technology risk assessments, provide input to and/or document IT policies, standards, and guidelines, develop, monitor, and track risk remediation plans, and aggregate and report key risk metrics to senior stakeholders.
Responsibilities:
20% - Identify, document, and monitor technology risks present across both internal and external (vendor / cloud) environments
20% - Quantify inherent and residual IT risk levels to enhance analytics, inform prioritizations, and for use in management reporting
20% - Work with risk remediation owners to establish remediation plans with milestones and target dates, and monitor progress towards remediation, escalating as appropriate
20% - Execute technology risk management processes and provide input to support continuous improvement of process and program design
10% - Perform risk and controls assessments while aggregating reporting for Audit and/or Regulatory issues.
10% - Partner with relevant stakeholders to establish clear and consistent IT risk reporting, metrics, KRIs, and KPIs to inform decision making
Required Relevant Experience - 5 Years
Required Knowledge, Abilities and Skills:
* Teamwork, collaboration, self-driven and effective communication skills - both written and verbal.
* 3+ years of IT Security and/or IT Risk Management experience working in a mid-to-large size company
* Basic proficiency or ability to learn one or more of the following: * Risk and controls assessments
* Documenting and maintaining IT Policies / Standards
* IT Risk aggregation, reporting, KPI/KRIs
* Issues management
* Third party risk management
* Working knowledge of various industry security standards and frameworks including: NIST, ISO 27001, ISF Standard of Good Practice (SoGP), etc.
Desired Knowledge, Abilities, Skills:
* Knowledge of modern enterprise and security architectures, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses.
* Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, OSCE, or other relevant industry certification
* Experience working in a financial institution.
* Experience working within a DevOps environment.
SECU provides equal employment opportunity to all qualified persons regardless of race, color, religion, age, sex, sexual orientation, gender identity, national origin, genetic information, disability, veteran status, or other classification protected by law.
Disclaimer
State Employees' Credit Union reserves the right to fill this role at a higher/lower level based on business need.