To Apply for this Job Click Here
Job Title: Cyber Security GRC Analyst
Type: Contract
Location: Irving, Texas
Onsite Requirements: Hybrid – 4 days in office, 1 day remote per week
Overview:
Our client is seeking a Cyber Security GRC Analyst to join their team. They are one of the nation’s leading homebuilders and have been recognized as a Fortune 500® company, consistently ranking among the top homebuilders in the United States.
The Cyber Security GRC Analyst is a mid-level position responsible for executing advanced cybersecurity tasks within the organization. The GRC Analyst will be responsible for supporting the organization’s Governance, Risk, and Compliance (GRC) initiatives. The Analyst will take a proactive role in identifying and mitigating security risks and ensuring compliance with industry standards and regulations. This role involves conducting cyber security risk assessments, managing risk treatment plans, and collaborating with internal stakeholders to ensure effective risk mitigation.
Responsibilities:
- Collaborate with internal teams to identify, assess, and mitigate security risks.
- Manage third-party risk assessments and monitor vendor security posture.
- Utilize GRC tools to document and track risk management activities.
- Analyze complex data sets to identify trends and support decision-making.
- Support compliance with internal policies and external regulatory requirements.
- Participate in security audits and assessments, and support remediation efforts.
- Maintain accurate documentation of risk assessments, treatment plans, and compliance activities.
- Drive continuous improvement in GRC processes and tools.
- Work closely with IT, Security, Legal, and Business teams to align GRC initiatives with organizational goals.
Required Experience:
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 3-5+ years of experience in cybersecurity, with a focus on vulnerability management, incident response, or GRC.
- Proven experience in cyber security risk assessment and risk treatment planning.
- Strong collaboration skills with internal stakeholders across a complex IT environment.
- Experience with third-party risk management (TPRM) using tools such as Security Scorecard and OneTrust.
- Proficiency with GRC tools, preferably AuditBoard.
- Working knowledge of Microsoft Office applications.
- Demonstrated teamwork and collaboration in a complex IT environment.
- Strong problem-solving skills and ability to analyze complex data sets with minimal oversight.
- Self-starter with the ability to drive risk projects to completion.
- Knowledge of vulnerabilities, SaaS applications, Cloud environments, and application security.
- Understanding of technical vulnerability management and operating systems.
- Familiarity with security testing tools and procedures.
- Familiarity with IT service management (ServiceNow preferred) .
- Experience with project management tools (Jira preferred).
- Strong knowledge of cybersecurity tools, techniques, and frameworks.
- Excellent analytical, communication, and documentation skills.
- Relevant certifications (e.g., CompTIA Security+, CEH, CISA, CRISC, CISM, CISSP) are a plus.
Other Notes:
- Regular, in-person attendance at the office during regular work hours is an essential function of this job. This is primarily a sedentary office position which requires the incumbent to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs. Finger dexterity is necessary.
- This description outlines the basic responsibilities and requirements for the position noted. This is not a comprehensive listing of all job duties of the Associates. Duties, responsibilities and activities may change at any time with or without notice.
Employment Eligibility: Gravity cannot transfer nor sponsor a work visa for this position. Applicants must be eligible to work in the U.S. for any employer directly