Experienced or Senior GRC Analyst
Hotman Group LLC
About the Role
Hotman Group is a boutique cybersecurity and GRC consulting firm doing meaningful work for clients who need GRC done right ranging from Fortune 1000 companies to high-growth startups. We are looking for an experienced GRC practitioner who is ready to work directly with clients, own deliverables end to end, and contribute to a team that holds itself to a high standard. This is not an entry point. We expect you to bring your expertise and use it.
This is a full-time, remote, contract-to-hire position. Top performers move into permanent roles within 6 months.
What You Will Do
As an Experienced or Senior GRC Analyst at Hotman Group you will work directly with clients to help them build, mature, and sustain their cybersecurity and compliance programs. This is active delivery work. You will:
What You Bring
This role requires direct accountability for work product and outcomes. If your experience has been primarily internal, supporting programs from the inside without stakeholder-facing delivery responsibility, this role will be a significant adjustment.
Requirements
Our process is designed to be straightforward but rigorous. In addition to a written questionnaire and video responses, finalists will complete a practical skills assessment before advancing to a panel interview with our delivery team. The assessment reflects the type of work you will do on day one. If you are confident in your GRC expertise, this is your opportunity to show it.
Why Hotman Group
At Hotman Group we are not just another consulting firm. You will work alongside people who care about the craft and push each other to do better. No politics, no silos, no hierarchy between you and the people making decisions.
You will touch more GRC frameworks, more industries, and more client situations in one year here than most practitioners see in five. You will grow because the work demands it.
The clients you serve will actually notice your work. You are not a number on a headcount. Your name is on the deliverable.
If you want to do real GRC work, get better at it every day, and work with a team that holds itself to a high standard - this is the place.
No phone calls or emails please.
Hotman Group is a boutique cybersecurity and GRC consulting firm doing meaningful work for clients who need GRC done right ranging from Fortune 1000 companies to high-growth startups. We are looking for an experienced GRC practitioner who is ready to work directly with clients, own deliverables end to end, and contribute to a team that holds itself to a high standard. This is not an entry point. We expect you to bring your expertise and use it.
This is a full-time, remote, contract-to-hire position. Top performers move into permanent roles within 6 months.
What You Will Do
As an Experienced or Senior GRC Analyst at Hotman Group you will work directly with clients to help them build, mature, and sustain their cybersecurity and compliance programs. This is active delivery work. You will:
- Lead assessments and audits of security and IT control environments
- Design, implement, and mature cybersecurity and compliance programs
- Develop risk registers, conduct risk assessments, and track remediation efforts
- Create and refine policies, standards, and procedures aligned with top frameworks including SOC 2, ISO 27001, NIST CSF, HIPAA, HITRUST, CMMC, and others
- Prepare clients for internal audits and external assessments
- Translate technical, regulatory, and business requirements into clear, actionable deliverables for client stakeholders
- Communicate findings, manage client feedback, and drive outcomes even when stakeholders push back
- Mentor junior analysts and contribute to the growth of our GRC practice
- Participate in peer review of deliverables before they go to clients - your work will be reviewed and you will review others
What You Bring
- Hands-on GRC experience with a track record of owning deliverables, producing frameworks-based documentation, and driving remediation -- not just supporting programs from the inside
- Deep working knowledge of compliance standards including SOC 2, ISO 27001, NIST CSF, HIPAA, and HITRUST
- Experience communicating findings and recommendations directly to clients or senior internal stakeholders -- you can hold a room, manage pushback, and present complex findings in plain language
- Excellent writing skills -- your deliverables are clear, polished, and do not require heavy editing before they go to a client
- Strong critical thinking and professional judgment -- you know when to escalate, when to hold your position, and when to ask for help
- A high level of accountability and ownership -- you manage your own workload, communicate proactively, and hold yourself to deadlines without being managed closely
- Comfort working independently in a fully remote environment with minimal hand-holding
- A default toward communication - you keep the team informed, you acknowledge quickly, and you do not go dark on a deliverable or a client
This role requires direct accountability for work product and outcomes. If your experience has been primarily internal, supporting programs from the inside without stakeholder-facing delivery responsibility, this role will be a significant adjustment.
Requirements
- Permanent authorization to work in the U.S. -- no sponsorship of any kind now or in the future
- Able to pass a background check
- Reliable high-speed internet and a secure, private remote workspace
Our process is designed to be straightforward but rigorous. In addition to a written questionnaire and video responses, finalists will complete a practical skills assessment before advancing to a panel interview with our delivery team. The assessment reflects the type of work you will do on day one. If you are confident in your GRC expertise, this is your opportunity to show it.
Why Hotman Group
At Hotman Group we are not just another consulting firm. You will work alongside people who care about the craft and push each other to do better. No politics, no silos, no hierarchy between you and the people making decisions.
You will touch more GRC frameworks, more industries, and more client situations in one year here than most practitioners see in five. You will grow because the work demands it.
The clients you serve will actually notice your work. You are not a number on a headcount. Your name is on the deliverable.
If you want to do real GRC work, get better at it every day, and work with a team that holds itself to a high standard - this is the place.
No phone calls or emails please.
Vacancy posted 20 hours ago
Similar jobs that could be interesting for youBased on the Experienced or Senior GRC Analyst in United States vacancy
- Itlearn360 is seeking an experienced Third Party Governance, Risk and Compliance (GRC) Analyst in Los Angeles, CA. The ideal candidate should have at least three years of experience, preferably with Big 4 consulting or in regulated industries. This role involves executing...Senior
- Siritech Solutions Corp is seeking an experienced RSA Archer GRC Security Analyst in Austin, Texas. This role involves supporting enterprise governance, risk, and compliance initiatives through RSA Archer's administration and configuration. The ideal candidate will work...Senior
- Crunchyroll is seeking an experienced Risk Analyst to support our Information Security GRC team. This role emphasizes governance, risk, and compliance, ensuring technology evolution aligns with employee needs and strategic goals. Successful candidates will have over 8...SeniorFlexible hours
- We’re thrilled that you are interested in joining us here at the Amynta Group! The Senior GRC Analyst is an experienced individual contributor within the IT Security function responsible for advancing Amynta’s governance, risk management, and compliance (GRC) program....SeniorWork at office
- PlacingIT is seeking an experienced SAP GRC Analyst to ensure a secure and compliant SAP environment in Richardson, TX. This role involves supporting SAP Governance, Risk, and Compliance initiatives and mitigating access risks. The ideal candidate should possess strong...Senior
- ...be a US Citizen or Green Card holder NO THIRD PARTIES Only local candidates will be contacted We are seeking a highly motivated GRC Analyst to support the modernization and transformation of our Governance, Risk, and Compliance (GRC) program. This role is ideal for someone...SeniorContract workLocal area
- ...Senior GRC Analyst - Toyota - 75 CTC -- Plano TX Responsibilities: Need auto experience Conduct compliance audits to ensure adherence to automotive cybersecurity standards and regulations. Project management - develop, maintain, and...Senior
- ...Radar Senior GRC Analyst Radar is the global leader in geolocation, with geofencing SDKs, maps APIs, and AI-enabled solutions for marketing, fraud, and operations teams. Despite our growth and scale, we're still just getting started. That's where you come in....SeniorWork at officeRemote work
- ## Senior GRC AnalystApplylocations: Westerville, OHtime type: Full timeposted on: Posted Yesterdayjob requisition id: R-101927Kokosing... ...looking for a Security Governance, Risk, and Compliance (GRC) Analyst to support and mature our security and compliance programs across...SeniorFor contractors
- ...Oura is seeking a Senior Governance, Risk, Compliance (GRC) Analyst to join the Security Team in New York City. This role involves leading GRC initiatives, managing compliance policies, and performing risk assessments. Candidates should have over 6 years of experience...SeniorRemote workFlexible hours
$110k - $130k
...Senior GRC Analyst Blue J is the leading generative AI solution for tax professionals. As a B2B SaaS company, our customers are accountants and tax experts who rely on our market-leading software to deliver fast, accurate, and defensible answers to complex tax questions...SeniorWork at officeImmediate startRemote work- ...Senior GRC Analyst Orlando, Florida, United States At Morgan & Morgan, the work we do matters. For millions of Americans, we're their last line of defense against insurance companies, large corporations or defective goods. From attorneys in all 50 states, to client...SeniorFull timeLocal area
- ...Senior GRC Analyst | Deltek, Inc You will be part of the GRC team responsible for assessment, audits of cloud environments, information systems, risk management, and security tools to ensure adherence to applicable frameworks, laws, and regulations. As a Senior GRC...SeniorRemote work
$130k - $150k
...come build with us at Crusoe. About This Role We’re seeking a GRC Analyst to support the day-to-day execution of our Governance, Risk, and... ...questionnaires and due diligence requests with guidance from senior team members Maintaining and updating audit and compliance...SeniorTemporary work$132k - $165k
...Senior GRC Analyst Remote Garner's mission is to transform the healthcare economy, delivering high-quality and affordable care for all. We are fundamentally reimagining how healthcare works in the U.S. by partnering with employers to redesign healthcare benefits...SeniorWork at officeRemote workFlexible hours- ...Senior Governance, Risk and Compliance (GRC) Analyst Bamboo Health is the leader in Real-Time Care Intelligence™ solutions aimed at improving lives for everyone experiencing physical and behavioral health challenges. We are driven by our mission to empower clients...SeniorContract workLocal areaRemote work
- ...Sr. GRC Analyst, Risk Management Under the direction of and in collaboration with the GRC Manager, the Sr. GRC Analyst, Risk Management is the primary owner and operational steward of the Enterprise Risk Register. This role is responsible for ensuring all identified...SeniorFor contractorsImmediate startFlexible hours
- ...The Role We Want You For Under the direction of and in collaboration with the GRC Manager, the Sr. GRC Analyst, Third-Party & Human Risk Management (TPHRM) is a risk-focused, highly analytical role that ensures all Human and Third-Party risk to Clayco is identified, quantified...SeniorImmediate startFlexible hours
$140k - $165k
...Senior GRC Analyst Dive in and do the best work of your career at DigitalOcean. Journey alongside a strong community of top talent who are relentless in their drive to build the simplest scalable cloud. If you have a growth mindset, naturally like to think big and...SeniorLocal areaRemote workWorldwideFlexible hours$161.6k - $202k
...— and that responsibility demands a security and compliance program that scales with the business. We're building out our dedicated GRC team to improve and mature our program! You'll join the Security team and work across four pillars: security certifications (HITRUST...SeniorWork from homeFlexible hours- ...Senior CERT Analyst (experienced level professional) Build a Career That Matters with One of the World's Most Respected Employers! - - - - - - - - - - - - Overview Michelin is hiring! We are looking for a highly technical performer who has a passion for...SeniorWork at officeRemote workWorldwideWeekday work
- Dormont Manufacturing Co is seeking a Senior Risk & Governance Analyst to join our GRC team in Dallas, Texas. This hybrid role involves maintaining our risk register, advancing AI risk governance, and supporting HIPAA compliance programs. The ideal candidate will have...Senior
- Forrester Research, based in Cambridge, MA, is seeking a Senior Analyst to deliver strategic advice and conduct research for risk management leaders. The ideal candidate will possess strong knowledge of risk practices, cyber risk quantification, and excellent communication...Senior
- A staffing agency based in Dallas, Texas is seeking a Senior Security Analyst to identify and mitigate security risks within the IT environment.... ...Information Security or IT and at least 3 years of experience in GRC/risk management. Competitive compensation and benefits...Senior
- Gilder Search Group is looking for a Sr. GRC Analyst focusing on Third-Party & Human Risk Management in Atlanta, Georgia. This role involves risk analysis, compliance assessments, vendor management, and developing security awareness training. The ideal candidate has 6-8...Senior
- Gilder Search Group is looking for a Sr. GRC Analyst focused on Third-Party & Human Risk Management in St. Louis, Missouri. The role ensures all human and third-party risks to Clayco are identified and treated appropriately. Key responsibilities include owning the TPRM...Senior
- Amynta Group in Fort Worth is seeking a Senior GRC Analyst to enhance its risk management and compliance program. This hybrid role requires an individual to assess information security risks and support audits across operations. The ideal candidate should possess a Bachelor...Senior
- A global beverage solutions provider is seeking a Sr IT Governance Risk and Controls Analyst in Tampa, Florida. This role focuses on maintaining and improving the IT governance, risk, and compliance program, particularly in SOX compliance. Responsibilities include conducting...Senior
$119k - $193k
Phase2 Technology is seeking a Senior Analyst to conduct research and provide strategic advice to risk management leaders. The ideal candidate will possess a deep understanding of risk management trends, practices, and compliance management. This role involves producing...Senior$150k
Crusoe Energy Systems LLC is looking for a GRC Analyst in San Francisco, CA to support their Governance, Risk, and Compliance program. The role includes managing user access reviews, supporting audits, and leveraging AI tools for process improvements. Ideal candidates will...Senior
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Experienced or Senior GRC Analyst. Be the first to apply!
Related searches
- grc analyst United States
- senior practice manager United States
- senior innovation manager United States
- senior warehouse manager United States
- senior game producer United States
- senior electronic design engineer United States
- senior quality assurance specialist United States
- senior robotics software engineer United States
- senior java software engineer United States
- senior specialist United States

