IT Risk and Compliance Analyst

$90k - $115k

BRG

Job Summary

The IT Risk and Compliance Analyst position is a highly visible, client‑facing role that works closely with Legal and Business Unit stakeholders and reports to the IT Risk and Compliance Manager. This role is responsible for evaluating, assessing, and monitoring the firm’s risk and compliance with applicable information security standards and frameworks, industry best practices, and applicable laws and regulations. It also coordinates and maintains the Information Security Management Program and implements security policy objectives aligned with business objectives.

Reporting Relationships

IT Risk and Compliance Manager

Key Contacts

  • Works closely with the Legal and Business Unit stakeholders.
  • Works with clients in response to security assessments and due diligence questionnaires covering Healthcare, Financial Services, Construction, Government Contracts, Insurance, Real Estate, and more.
  • Works in conjunction with the IT Security and Infrastructure Team.

Major Responsibilities

  • Provide IT security, risk, and compliance advice to business units on an ongoing basis.
  • Analyze and address gaps in operations to ensure integrity of processes, controls, and policies.
  • Assist in maintaining and updating Information Security Program policies and procedures, including yearly reviews to ensure documentation is current.
  • Provide governance for participation in the information security incident response process by ensuring it is followed and documented.
  • Respond to escalated security events and drive the security incident response process.
  • Participate in the evaluation, development and implementation of security standards, procedures and guidelines for multiple platforms and diverse system environments.
  • Work with internal and external auditors to demonstrate and provide evidence for controls that are in place; may conduct additional testing to validate remediation.
  • Complete client security questionnaires and work with business units to assist with RFI responses related to IT security.
  • Assist in vendor vetting to ensure vendors, business partners or suppliers use the same or higher security practices.
  • Assist in conducting risk assessments and annual reviews for any new or current vendors, partners, or suppliers.
  • Assist with complex security assessments that require analytical and technical skills across a broad range of IT topics (Identity and Access Management, Security Architecture, Physical and Environmental, etc.).
  • Assist with evaluating, testing, documenting, and maintaining the firmwide DR and BCP policies, processes, and standards.
  • Assist with Security Awareness Training program initiatives related to phishing campaigns and coordinate with HR to deliver ongoing employee training.

Requirements

  • Associate Degree or equivalent work experience.
  • 3 years of experience in two or more major information technology functions (infrastructure, operations, datacenter, application support, etc.).
  • 3 years of IT security, IT compliance, or IT risk management experience desired.
  • 3 years of experience involving ISO27001 annual surveillance audits and full recertification audits.
  • Familiarity with industry frameworks and standards such as SOC2, HIPAA, HITRUST is a plus.
  • Familiarity with GDPR and CCPA.
  • Familiarity using GRC tools.
  • Knowledge of application and network security, information security risk, and industry best practice on managing risk.
  • Experience with building, executing, and maintaining a DR and BCP program.
  • Ability to effectively prioritize and execute tasks in a high‑pressure environment.
  • Excellent written and verbal communication skills and time‑management skills.
  • Strong troubleshooting, problem‑solving and analytical skills.
  • Position may require traveling for short periods (up to 5 working days, on rare occasions beyond 5 days); all travel expenses will be reimbursed.

Compensation

Salary Range: $90,000 – $115,000

Additional Information

Candidate must be able to submit verification of legal right to work in the U.S. without company sponsorship.

Equal Opportunity Employer

BRG is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran status, ancestry, sexual orientation, marital status, family structure, medical condition, veteran status, or mental or physical disability, so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.

Vacancy posted 3 days ago