Job Summary:
The Security GRC Analyst II supports Company’s Governance, Risk, and Compliance (GRC) program with a focus on IT security controls, regulatory compliance, and third-party risk management. This role is responsible for assessing security risks, supporting vendor security reviews, monitoring compliance with regulatory frameworks, and assisting with the development and maintenance of security policies and procedures.
The analyst will work closely with internal teams and external vendors to identify security gaps, evaluate risks, and help implement remediation strategies across enterprise systems and third-party environments.

Key Responsibilities:
GRC & Compliance

• Support security governance, risk, and compliance initiatives.
• Ensure compliance with HIPAA, SOX, PCI, and data privacy regulations.
• Conduct risk assessments, control reviews, and gap analyses.
• Maintain and support IT control attestations and audit responses.
• Assist in the development and maintenance of security policies and procedures.

Third-Party Risk Management

• Perform vendor security risk assessments throughout the third-party lifecycle.
• Review SOC reports, vendor questionnaires, and audit reports.
• Evaluate third-party security controls and identify risk exposures.
• Review security agreements, data processing agreements, and security addendums with legal and business teams.

Security Operations Support

• Investigate potential security incidents or vulnerabilities.
• Monitor security logs and assist with vulnerability management activities.
• Support Data Loss Prevention (DLP) and security monitoring efforts.
• Assist with business continuity and disaster recovery initiatives.

 
Requirements
Experience

• 5+ years of experience in Cybersecurity, GRC, IT Risk, or IT Audit.
• Experience with third-party/vendor risk management.
• Experience with GRC platforms (AuditBoard, Workiva, etc.).
• Experience supporting security audits and regulatory compliance.

Frameworks Knowledge

• NIST Cybersecurity Framework
• HITRUST
• COBIT

Preferred Certifications

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)

 Our benefits package includes:

• Comprehensive medical benefits
• Competitive pay, 401(k)
• Retirement plan
• …and much more!

 
 
About INSPYR Solutions
Technology is our focus and quality is our commitment. As a national expert in delivering flexible technology and talent solutions, we strategically align industry and technical expertise with our clients' business objectives and cultural needs. Our solutions are tailored to each client and include a wide variety of professional services, project, and talent solutions. By always striving for excellence and focusing on the human aspect of our business, we work seamlessly with our talent and clients to match the right solutions to the right opportunities. Learn more about us at inspyrsolutions.com.

INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR Solutions complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.
 

Information collected and processed through your application with INSPYR Solutions (including any job applications you choose to submit) is subject to INSPYR Solutions’ Privacy Policy and INSPYR Solutions’ AI and Automated Employment Decision Tool Policy: https://www.inspyrsolutions.com/policies/. By submitting an application, you are consenting to being contacted by INSPYR Solutions through phone, email, or text.

26-155602