Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Governance Risk & Compliance Analyst

System One Holdings, LLC

Governance Risk & Compliance Analyst

System One is seeking a GRC Analyst for an opportunity in Lakewood, CO. The GRC Analyst is a member of the Governance, Risk & Compliance function within the Global Information Security Office and supports the implementation of company wide security governance, risk management, and compliance programs. Under the direction of the GRC Functional Leader, the analyst contributes to policy development, risk oversight, and continuous improvement of the organization's security posture. The role also works closely with regional Information Security Officers (ISOs) and cross-functional teams to support the deployment of global standards and local regulatory requirements.

Responsibilities include:

  • Support information security risk assessments for new projects, systems, and business processes.
  • Assist in conducting internal control reviews (e.g., JSOX), preparing audit materials, and coordinating responses to internal and external auditors.
  • Track and follow up on remediation actions to ensure timely closure of identified risks.
  • Contribute to drafting, updating, and maintaining global information security policies, standards, and procedures.
  • Review relevant laws, regulations, and industry frameworks (e.g., ISO 27001, NIS2) and incorporate stakeholder feedback into documentation.
  • Support the rollout and implementation of policies across regions.
  • Monitor adherence to security and regulatory requirements, including ISO 27001, NIS2, and GDPR.
  • Collect and organize compliance evidence, track corrective actions, and support certification and regulatory readiness efforts such as ISO 27001/42001 and NIS2 programs.
  • Conduct third party security risk assessments by distributing questionnaires, analyzing responses, verifying controls, and documenting results in the GRC tracking systems.
  • Identify and escalate high risk findings to the GRC Functional Leader and support follow up mitigation activities.
  • Participate in the planning and implementation of security awareness programs for all associates.
  • Create e-learning materials and training materials, conduct phishing email exercises, and distribute disseminated content on internal portals.
  • Monitor and analyze global regulatory developments related to cybersecurity with a focus on industrial control systems (ICS), IT environments, and critical infrastructure.
  • Assist in evaluating how new or updated regulations (e.g., NIS2, FDA cybersecurity expectations, industrial cybersecurity standards, or country specific critical infrastructure laws) impact company operations.
  • Track emerging obligations, document requirements, and support gap assessments to ensure timely compliance.
  • Assist in the preparation, maintenance, and continuous improvement of the CISO Dashboard by collecting, validating, and analyzing security metrics across the Global GRC function.
  • Compile key performance indicators (KPIs) and key risk indicators (KRIs) related to compliance status, audit findings, supplier risk, incident trends, training completion, regulatory readiness, and other relevant security domains.
  • Support the visualization and communication of security posture to senior leadership by ensuring data accuracy, timely updates, and clarity in reporting.
  • Support the development and enforcement of governance controls for the secure use of artificial intelligence technologies across the organization.
  • Identify risks related to AI systems—such as model security, algorithmic integrity, and misuse—and contribute to risk assessments and mitigation plans.
  • Help evaluate third party AI tools.
  • Support the development and improvement of GRC processes, tools, and documentation to enhance operational efficiency and standardization.
  • Assist in preparing reports, presentations, and materials for leadership reviews, steering committees, and cross functional meetings.
  • Participate in internal security projects and initiatives, including process automation, metrics development, and enhancements to governance workflows.
  • Provide coordination and administrative support for security committees, working groups, and regional GRC activities.
  • Perform additional duties as assigned to support the Global Information Security Office and the broader GRC program.

Requirements include:

  • 3 to 5+ years of experience in information security, governance, risk management, compliance, IT audit, or a related discipline.
  • Experience supporting security programs in global or regulated environments is a plus.
  • Understanding of global and regional information security regulations (e.g., data protection laws, cybersecurity requirements) and familiarity with security frameworks such as ISO 27001.
  • Knowledge of internal control frameworks (e.g., JSOX) and IT governance practices is highly desirable.
  • Experience supporting audit activities is preferred.
  • Experience with risk assessment methodologies, control evaluation, and vulnerability or issue management processes.
  • Strong analytical and problem-solving skills, with the ability to identify risks, assess impacts, and support the development and tracking of corrective actions.
  • Ability to communicate security requirements, policies, and audit findings clearly and persuasively with stakeholders across regions and business units.
  • Strong coordination skills to build consensus and drive compliance.
  • Industry certifications such as CISSP, CISA, CISM, ISO 27001 Lead Implementer/Auditor, or similar are preferred but not required.
  • Bachelor's degree in information security, Cybersecurity, Information Systems, Computer Science, or a related field; or equivalent professional experience.
  • Familiarity with governance, risk, and compliance tools (e.g., BitSight, Drata, OneTrust, Archer, or similar) for managing risks, audits, and compliance workflows.
  • Working knowledge of cybersecurity concepts such as identity and access management, endpoint protection, vulnerability management, cloud security, and secure system design.
  • Experience supporting cross-functional security or compliance initiatives, including requirements gathering, documentation, and progress tracking.
  • Ability to interpret risk metrics, compliance data, and audit results.
  • Experience with dashboards, KPI/KRI reporting, or data visualization tools is a plus.
  • Awareness of emerging cybersecurity regulations (e.g., NIS2, AI governance frameworks, critical infrastructure rules) and their potential impact on enterprise operations.

System One, and its subsidiaries including Joulé and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan. System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Governance Risk & Compliance Analyst in Denver, CO vacancy
  •  ...Governance, Risk & Compliance (GRC) Analyst (AI Training) About the Role We're partnering with the world's leading AI research labs to build smarter, safer AI - and we need practitioners who know how GRC actually works in the real world. If you've spent time... 
    Suggested
    Hourly pay
    Ongoing contract
    Contract work
    Freelance
    Remote work
    10 hours per week
    Flexible hours

    Alignerr

    Denver, CO
    1 day ago
  •  ...Now Hiring: GRC Analyst (Contract-to-Hire) Location: Hybrid (2–3 days onsite) – Lakewood, CO Type: 6‑month contract...  ...looking for a GRC Analyst to support enterprise security governance, risk management, and compliance initiatives. This role partners with global teams to... 
    Suggested
    Contract work
    Temporary work
    Local area
    Immediate start

    Akkodis

    Lakewood, CO
    1 day ago
  •  ...Job Title: Governance Risk & Compliance Analyst Location: Lakewood, CO Work Model: Hybrid – onsite and remote Overview System One is seeking a GRC Analyst for an opportunity in Lakewood, CO. The GRC Analyst is a member of the Governance, Risk & Compliance function within... 
    Suggested
    Work at office
    Local area
    Remote work

    System One

    Lakewood, CO
    9 hours ago
  • $21.5 - $29.3 per hour

    General Purpose The Governance, Risk, and Compliance (GRC) Analyst performs day to day management of information technology risk and regulations, including Business Continuity Management and Vendor Management. Essential Duties/Responsibilities Reasonable accommodations... 
    Suggested
    Hourly pay
    Full time
    Work at office
    Remote work
    Weekend work
    Afternoon shift

    Alpine Bank

    Denver, CO
    12 hours ago
  • $44.79k - $72.34k

     ...UMB Bank is seeking an EFT Risk Analyst to monitor risk for ACH transactions and assist in the administration of various risk programs...  ...This hybrid role requires skills in financial processing and compliance. The ideal candidate will present reports to management and implement... 
    Suggested

    UMB Bank

    Denver, CO
    2 days ago
  • $70k - $75k

     ...love to hear from you! Your opportunity Support the Financial Risk team in delivering an effective Financial Risk program...  ...reporting and metrics to support the Financial Risk team including for governance committees, client due diligence activities, and Boards. Develop... 
    Work experience placement

    Janus Henderson Global Investors

    Denver, CO
    1 day ago
  • System One in Lakewood, CO is seeking a Governance Risk & Compliance Analyst to join their Global Information Security Office. This hybrid role involves supporting security governance, risk management, and compliance programs while contributing to policy development and... 
    Work at office

    System One

    Denver, CO
    19 hours ago
  •  ...Identity is hiring an Information Security Analyst in Denver, Colorado. The role involves...  ...security policies, and managing compliance assessments. The ideal candidate will have...  ...You will collaborate with teams to assess risks and ensure compliance, contributing towards... 

    Ping Identity

    Denver, CO
    1 day ago
  • $65k - $75k

     ...enterprise’s second line Information Security Risk & Compliance function by executing defined control...  ...Security Risk and Compliance Analyst performs recurring and ad hoc assessments...  ...to established schedules and governance expectations. Perform additional risk... 

    Sunflower Financial Inc.

    Denver, CO
    3 days ago
  • $189k - $225k

     ...Description Job Description About the Role: The GRC Analyst, Federal & Customer Programs is responsible for the hands...  ..., and operational execution of the company's security governance, risk, and compliance obligations. This role sits at the intersection of customer... 
    Ongoing contract
    Contract work
    For contractors
    For subcontractor
    Work at office
    3 days per week

    Spire

    Denver, CO
    27 days ago
  • $65k - $75k

    Sunflower Financial Inc. is seeking an Information Security Risk and Compliance Analyst to provide tactical support to its compliance function. The role focuses on executing control oversight, conducting assessments, and supporting regulatory readiness. Candidates should... 

    Sunflower Financial Inc.

    Denver, CO
    3 days ago
  • $69.23k - $149k

     ...identify threats, vulnerabilities, and risks and to help protect the people, information...  ...work especially close with UMB data governance, enterprise technology and information security...  .... As the Sr. Information Security Risk Analyst, you will participate in activities... 
    Work experience placement
    Local area
    Remote work
    Flexible hours

    UMB Bank

    Denver, CO
    3 days ago
  • Ball Corporation in Westminster, CO seeks a Senior Analyst in Cybersecurity Governance, Risk, and Compliance (GRC). You will manage cybersecurity risks, support compliance activities, and document key decisions for readiness. The ideal candidate has a Bachelor's degree,... 
    Remote job

    Ball Aerospace

    Westminster, CO
    19 hours ago
  • $92k - $100k

    Transamerica Corporation is seeking an experienced regulatory compliance professional in Denver, Colorado. You will analyze policies, develop compliance programs, and interpret regulatory requirements. Candidates should have a Bachelor’s degree and five years of relevant... 

    Transamerica Corporation

    Denver, CO
    1 day ago
  • $60k - $75k

    Transamerica is seeking candidates for a regulatory compliance role based in Denver, Colorado. This position requires a bachelor’s degree in business, marketing, or pre-law, along with two years of related experience. Candidates should possess strong communication and... 

    Transamerica

    Denver, CO
    1 day ago
  • $37.44 - $46.8 per hour

    The City of Aurora is seeking a Security Analyst to be part of the ISO Engagement team,...  ...on evaluating information security and compliance with legal requirements. This role involves...  ...recommendations to mitigate security risks. Applicants must have a Bachelor’s degree... 
    Hourly pay

    City of Aurora

    Aurora, CO
    19 hours ago
  • UMB Bank is searching for a Sr. Information Security Risk Analyst to join its Corporate Information Security and Privacy team in Denver. This role collaborates closely with data governance, technology, and security teams to address evolving threats and ensure effective... 

    UMB Bank

    Denver, CO
    3 days ago
  •  ...team across the board. Position Summary York Space Systems is seeking a Cyber Risk & Compliance Specialist to support the execution and administration of the company's cybersecurity governance, risk, and compliance programs. This role will work closely with... 
    Permanent employment
    Work at office
    Local area
    Worldwide

    York Space Systems LLC

    Greenwood Village, CO
    1 day ago
  • $54.22k - $79.02k

    The EFT Risk Team monitors Risk for ACH and other payment channels. Managing the Risk helps...  ...to UMB’s Risk appetite. As the EFT Risk Analyst, you will assist with the ongoing...  ...processing or equivalent experience. 1 year of compliance, audit, or risk experience. Bonus Points... 
    Local area
    Remote work
    Monday to Friday
    Flexible hours

    UMB Bank

    Denver, CO
    4 days ago
  • $80k - $100k

     ...Responsibilities An exciting opportunity to join a small but critical Risk Management team at a dynamic, best-in-class public company. As...  ...of Insurance (COI) requests and maintain ongoing COI compliance tracking Champion safety initiatives and contribute to the development... 

    Healthpeak Properties, Inc.

    Denver, CO
    3 days ago
  • $80k - $128k

    A financial services firm in Denver is looking for an IT Disaster Recovery professional to ensure enterprise service continuity in their data center operations. This hybrid role includes troubleshooting complex technical issues, collaborating across teams, and leading disaster...

    Raymond James

    Denver, CO
    19 hours ago
  • $67k - $92.13k

    Risk AnalystKey ResponsibilitiesClaims Administration & Risk ManagementManage guest incident claims from intake through resolution,...  ...outside counsel and vendor invoices for accuracy, completeness, compliance, and appropriate coding.Support litigation reporting, claims... 
    Work at office

    Red Robin

    Englewood, CO
    4 days ago
  • First Western Trust in Denver, CO, is seeking an Enterprise Risk Analyst II to enhance the company’s enterprise risk management program...  ...field and 3-5 years of experience in financial services risk or compliance. Competitive salary and benefits include potential bonuses... 

    First Western Trust

    Denver, CO
    19 hours ago
  • $80k - $128k

     ...the quality or reliability of supported systems.* Document product problems and their resolutions in a solutions database for future analyst reference.* Assign tasks to support analysts, track and report progress, monitor key success indicators and report adverse trends... 
    Work experience placement
    Casual work
    Work at office
    Local area

    BBF Wealth

    Denver, CO
    19 hours ago
  • First Western is searching for an Enterprise Risk Analyst II in Denver, Colorado. This role involves supporting the execution of the enterprise risk management program, identifying and assessing risks, and promoting consistent risk management practices across the organization... 

    First Western

    Denver, CO
    2 days ago
  • $80k - $128k

    A financial services firm in Denver is seeking an IT Disaster Recovery Specialist to ensure enterprise service continuity. This role involves troubleshooting complex issues, participating in disaster recovery exercises, and collaborating with teams on technical solutions...

    BBF Wealth

    Denver, CO
    19 hours ago
  •  ...Financial, Inc. is seeking a candidate to support data center operations in Denver, CO. You will assist with identifying operational risks, creating disaster recovery plans, and troubleshooting network connectivity issues. The role requires skills in project management,... 
    Work at office

    Raymond James Financial Services

    Denver, CO
    4 days ago
  • $63.5k - $95.5k

    First Western Financial, Inc. is looking for an Enterprise Risk Analyst II to support their risk management program in Denver, CO. This full-time role involves analyzing processes, identifying risks, and strengthening controls across the organization. Ideal candidates... 
    Full time

    First Western Trust

    Denver, CO
    2 days ago
  • $110k - $135.3k

     ...analysis that contributes to and advances one or more Enterprise Risk Management (ERM) programs to assist CoBank in managing credit/...  ...include, but are not limited to Risk Assessment, Product Governance, Portfolio Analytics, Risk Governance, Derivative Risk Modeling... 
    Work experience placement
    Work at office
    Work visa

    CoBank

    Englewood, CO
    4 days ago
  •  ...together About the role The Mid-Level GRC Analyst operates at the intersection of compliance, risk, and operational integrity. You will be more than...  ...What you bring: ~3-5 years of experience in governance, risk, and compliance, preferably in a technology-... 
    Work at office
    Remote work
    Flexible hours

    AspenView Technology Partners, Inc.

    Denver, CO
    19 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Governance Risk & Compliance Analyst. Be the first to apply!