Job Summary
The Senior / Principal GRC Analyst is responsible for architecting and scaling enterprise governance, risk, and compliance programs across highly regulated technology environments.
This role requires deep expertise in implementing ISO 27001, ISO 42001, GDPR, and CMMC while acting as a trusted advisor to executive stakeholders.
Candidates must possess strong hands-on cybersecurity knowledge to translate technical security architectures into compliant policies and evidence.
Skills & Requirements
Must-have
ISO/IEC 27001 implementation ownership
GDPR and CCPA privacy program management
CMMC and NIST SP 800-171 compliance
Technical cybersecurity architecture validation
AI governance and risk assessment
Nice-to-have
Experience with Microsoft Purview and Defender
Mentoring junior GRC professionals
Familiarity with cloud-native ISMS design
Exposure to AI-enabled compliance tools
Key Requirements
7–12+ years of experience in GRC or security
Proven ownership of ISO 27001 and CMMC programs
Strong technical and regulatory interpretation skills