IT Risk and Compliance Analyst Jobs (NOW HIRING)

IT Risk & Compliance Analyst

San Francisco, CA · On-site

$110K - $111K/yr

Job Title: IT Risk & Compliance Analyst Job Location: San Francisco, CA 94104 * Please local candidates that are able to work hybrid work schedule, Tuesday and Wednesday, at the SF Offices. Job ...

IT Risk & Compliance Analyst

New York, NY · On-site +1

$85K - $115K/yr

You will be reporting to the IT Risk and Compliance Manager, while working closely with internal and external audit teams, engineering and product. You will continue to raise the bar to ensure our ...

The IT Risk and Compliance Analyst position is a highly visible, client facing role which works closely with the Legal and Business Unit stakeholders and reports to the IT Risk and Compliance Manager.

IT Risk Compliance Specialist

Pittsburgh, PA · On-site

$95K/yr

Job Title : IT Risk Compliance Specialist Department: Information Technology Location: Pittsburgh ... Strong analytical and problem-solving abilities. * Excellent communication and documentation skills.

IT Risk & Compliance

Cranston, RI · On-site

$91K - $92K/yr

Solid understanding of Information Security and IT controls. And working in accordance to IT ... Analytical and Communication skills * project and talent management * Experience with project ...

The Risk & Compliance Analyst safeguards organizational assets and ensures regulatory compliance by ... Maintain an inventory of organizational information assets. Maintain workflow/process diagrams for ...

IT Controls & Compliance Analyst

Denver, CO · On-site

$96K - $97K/yr

Modivcare is looking for an experienced IT Controls & Compliance Analyst to join our team ... Manages and optimizes Governance, Risk & Compliance (GRC) processes, workflows, tooling, reporting ...

Zayo serves wireless and wireline carriers, media, tech, content, finance, healthcare and other ... Bachelor's degree in Cybersecurity, Information Systems, Business, or a related field, or ...

IT Compliance

Lake Forest, IL

$93K - $93K/yr

... e Analyst role are responsible for ensuring that the organization in accomplishing its objectives by bringing a disciplined approach to evaluating and improving the effectiveness of IT risk ...

IT Risk and Compliance Analyst information

How much do IT risk and compliance analyst jobs pay per hour?

As of Jun 12, 2026, the average hourly pay for an IT risk and compliance analyst in the United States is $40.49, according to ZipRecruiter salary data. Most workers in this role earn between $29.81 and $49.28 per hour, depending on experience, location, and employer.

What is the difference between an IT Risk and Compliance Analyst and an IT Security Analyst?

| Aspect | IT Risk and Compliance Analyst | IT Security Analyst |
| --- | --- | --- |
| Certifications | ISO 27001, CISSP, CISA | CISSP, CompTIA Security+ |
| Work Environment | Risk assessments, policy development, compliance audits | Network monitoring, incident response, security infrastructure |
| Industry Usage | Financial, healthcare, government sectors | Tech, finance, healthcare sectors |

The IT Risk and Compliance Analyst focuses on ensuring organizational adherence to regulations and managing risk frameworks, while the IT Security Analyst primarily handles security measures, threat detection, and incident response. Both roles require similar certifications and often work within the same industries, but their core responsibilities differ: one emphasizes compliance and risk management, the other emphasizes security operations.

What are IT Risk and Compliance Analysts?

IT Risk and Compliance Analysts are professionals who identify, assess, and manage risks related to information technology systems within an organization. They ensure that IT processes and systems comply with internal policies and external regulations, such as GDPR or SOX. Their responsibilities include conducting risk assessments, developing mitigation strategies, monitoring compliance, and reporting on the effectiveness of controls. By doing so, they help protect the organization from cyber threats, data breaches, and regulatory penalties.

What are some common challenges an IT Risk and Compliance Analyst faces when balancing regulatory requirements with business objectives?

One common challenge IT Risk and Compliance Analysts face is ensuring that regulatory requirements are fully met without hindering business operations or innovation. Balancing security protocols and compliance standards—such as GDPR, SOX, or HIPAA—with the need for efficient workflows can be complex. Analysts must collaborate closely with IT, legal, and business units to interpret regulations pragmatically, design effective controls, and communicate the importance of compliance while minimizing disruption. This often requires strong negotiation, communication, and analytical skills to find solutions that satisfy both compliance mandates and business goals.

What are the key skills and qualifications needed to thrive as an IT Risk and Compliance Analyst, and why are they important?

To thrive as an IT Risk and Compliance Analyst, you need a solid understanding of risk management frameworks, regulatory compliance standards (such as SOX, HIPAA, or GDPR), and a bachelor's degree in information technology or a related field. Familiarity with risk assessment tools, GRC (Governance, Risk, and Compliance) platforms, and relevant certifications like CRISC or CISA is typically required. Strong analytical thinking, attention to detail, and effective communication skills help analysts interpret regulations and collaborate across departments. These skills ensure organizations proactively manage risks, maintain regulatory compliance, and protect sensitive information.

IT Risk & Compliance Analyst

Superbeo

San Francisco, CA • On-site

$110K - $111K/yr

Contractor

Posted 7 hours ago


Job description

Job Title: IT Risk & Compliance Analyst

Job Location: San Francisco, CA 94104

  • Local candidates, please, who are able to work a hybrid schedule, Tuesday and Wednesday, at the SF offices.

Job Duration: 6 months (Possibility of extension)

Qualifications (Must Have):

  • Ability to map key Information Security and Technology controls identified in policies, standards, and process documents to industry frameworks such as NIST CSF, NIST 800-53, CSA CCM, CIS v8.1, and regulatory requirements in FHFA Advisory Bulletins.
  • Interpret compliance information to create a recurring cadence of reports of open findings, observations, self-identified issues, progress on risk and compliance initiatives.
  • Willingness to learn/use ITRC tools (e.g., ProcessUnity, Black Kite) and support ITRC team lead with supply chain cyber risk program management

Primary Responsibilities:

  • Conduct readiness assessments, including reviews of relevant documentation in advance of audits, 2LOD assessments, and external assessments.
  • Maintain the inventory of SOX IT General Controls (ITGC) and control tests in ServiceNow, updating as directed, and identifying opportunities for improvements in reporting and in using automation.
  • Liaison between control owner and internal auditors, and 2LOD assessors during audits and assessments, responsible for supporting control owners in the timely submission of artifacts.
  • Ability to map key Information Security and Technology controls identified in policies, standards, and process documents to industry frameworks such as NIST CSF, NIST 800-53, CSA CCM, CIS v8.1, and regulatory requirements in FHFA Advisory Bulletins.
  • Ability to identify and document technology processes.
  • Manage the LogicGate Governance Library ensuring Information Security and Technology documents align with approval and publication requirements, relying equally on automated reminders as well as active engagement with document owners.
  • Maintain ITRC document archives in the ITRC shared repository.
  • Responsible for reporting status at a recurring cadence of open findings, observations, recommendations, and self-identified issues, and for submitting formal audit observation closure documentation.
  • As directed by the ITRC MD, document and report the progress and value of in-flight ITRC initiatives, identified risks, and planned initiatives.
  • Provide compliance review of requests for deviations from Information Security and Technology policies and standards, confirming compliance with Technology Exception requirements for components such as compensating controls, risk assessment, and documentation supporting exception request rationale.
  • Participate as a key stakeholder in the Architecture Assessment Review process, documenting meeting decisions, tracking deliverable commitments, and ensuring next steps are completed for proposed new technologies or changes in existing technologies.
  • Support ITRC team members as needed in conducting third-party security risk assessments for changes to existing third parties or proposed third party technologies.

Skills/Knowledge:

  • Required Core Competencies: Customer Focus, Decision Quality, Ensures Accountability, Drives Results, Drives Engagement, Collaborates, Values Differences, Communicates Effectively with all levels of staff and management, Instills Trust
  • 3 - 5 years of experience in technology risk or IT audit.
  • Knowledge and experience with technology frameworks is required, e.g., CIS v8.1, CSA CCM, CoBIT, NIST, ITIL, et al.
  • Knowledge of Operational Risk Management and Technology Risk Management.
  • Demonstrated ability to promote teamwork, act as a change agent, effectively remove obstacles, maintain high level of morale and motivation, and lead by example.
  • Familiarity with SOX ITGC
  • Must be proficient with Microsoft Office (Word, Excel, PowerPoint) and Microsoft SharePoint.
  • Must have strong communication skills and be able to effectively communicate with all functional levels of the organization.
  • Project management, planning, problem-solving and organizational skills required, preferably using Atlassian JIRA
  • Strong analytical, issue identification, prioritization, resolution, and report writing skills required.
  • Must be proactive and must be able to meet established deadlines.
  • Experience with a Governance, Risk and Compliance (GRC) tool is highly desirable, preferably ServiceNow and LogicGate.
  • Ability to learn use of the ProcessUnity/CyberGRX third party risk management platform