GRC Compliance Analyst

Please Note: As of July 22 2021 our team will require that all candidate submissions include a LinkedIn profile. Please do not submit any candidates that do not have a LinkedIn.

has a client in Cottonwood Heights UT that is seeking a Senior Cyber Compliance/GRC Analyst to support a Compliance Maturity Uplift initiative within a broader Cyber Acceleration Program. This is a senior hands-on delivery role focused on cyber compliance analysis framework development and executive- and board-level reporting. The role works closely with Australia-based delivery teams and periodically with Europe-based stakeholders. This position is delivery-focused and does not include ownership of audits certifications or technical security engineering responsibilities.

Key Responsibilities:

• Lead engagement with stakeholders to develop and maintain a comprehensive inventory of legal contractual and regulatory cybersecurity requirements
• Perform and lead current-state compliance gap analyses including prioritized recommendations and roadmaps for: GDPR and CCPA
• Design and establish a cyber compliance framework to support collaboration and regulatory reporting
• Develop and own RACI matrices for all cyber compliance activities
• Establish and mature compliance tracking mechanisms assessment schedules and continuous assurance capabilities
• Prepare and present board-ready and executive-level reports on compliance maturity and risk exposure
• Design and implementation of a compliance tracking mechanism to monitor remediation progress
• Initiation and coordination of compliance remediation activities based on gap analysis
• Scheduling and execution of recurring compliance assessments
• Ongoing board-level compliance maturity and risk reporting

Required Skills : * To be considered for this position candidates must have experience in a similar role or they must possess significant knowledge experience and abilities to successfully perform the responsibilities listed * Relevant education and/or training will be considered a plus Deliverables: * Enterprise-wide inventory of cybersecurity compliance requirements by jurisdiction and regulation * Current-state compliance assessment with prioritized remediation recommendations * Two-year compliance remediation roadmap aligned to enterprise priorities * Compliance framework including effort estimates RACI model and cost projections * Identification of near-term compliance -quick wins- achievable before the end of FY26 Role Boundaries: * Does not own audits or regulatory certifications * Does not implement or remediate technical security controls * Does not perform SOC incident response or security engineering activities

Basic Qualification :

Additional Skills :

Background Check : No

Drug Screen : No