Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior GRC Analyst

Clayco

Sr. GRC Analyst, Risk Management

Under the direction of and in collaboration with the GRC Manager, the Sr. GRC Analyst, Risk Management is the primary owner and operational steward of the Enterprise Risk Register. This role is responsible for ensuring all identified risk is accurately captured, properly rated, assigned to an accountable owner, actively worked, and driven to resolution across the Clayco organization. The analyst functions as the operational hub of the risk lifecycle from initial intake and classification through remediation coordination, escalation, stakeholder accountability, and reporting. This is a high-accountability, process-driven role that demands both technical depth and organizational influence. The analyst transforms the risk register from a static document into a dynamic governance instrument one that delivers a clear, current, and quantified view of organizational risk exposure to leadership. Additional responsibilities will be assigned as deemed necessary. Any travel is usually planned in advance, but issues may arise which warrant immediate travel to one or more satellite locations.

The Specifics of the Role:

  • Assumes the ownership and maintenance of the Enterprise Risk Register as the authoritative system of record for all identified risks across the Clayco organization.
  • Enforces rigorous data integrity standards: no missing owners, undefined due dates, stale entries, or incomplete risk descriptions.
  • Establishes and maintains a consistent process for risk creation, categorization, severity rating, and treatment classification to ensure comparability and defensibility of the data set.
  • Applies qualitative risk analysis methodologies, including likelihood/impact matrices to produce accurate, prioritized risk ratings.
  • Conducts regular audits of the risk register to surface stale, incomplete, or improperly rated entries and drive timely corrections with risk owners.
  • Maintains comprehensive documentation for each risk, including: risk description, affected assets and systems, threat source, inherent risk rating, current controls, residual risk, treatment decision, assigned owner, and target remediation date.
  • Manages the full risk lifecycle from intake through closure, including periodic re-evaluation of accepted risks to confirm continued acceptability.
  • Serve as the primary coordinator and driver of risk remediation and mitigation activities, ensuring every open risk has an actionable, time-bound treatment plan with a clearly accountable owner.
  • Collaborates with risk owners and technical teams to develop realistic remediation plans that define specific tasks, milestones, resource requirements, and completion criteria.
  • Coordinates corrective and preventive actions (CAPA) arising from audit findings, control failures, and policy exceptions, tracking each to verified closure.
  • Tracks and monitors remediation progress across all open items; proactively identify blockers, resource gaps, and at-risk milestones before they result in missed deadlines.
  • Escalates risks with insufficient remediation progress, missed SLAs, or unacceptable residual risk levels to the GRC Manager and relevant leadership with supporting data and recommended courses of action.
  • Assumes operational ownership of Vulnerability Management and External Attack Surface Management (EASM) processes:
  • In collaboration with SOC, ensures that Vulnerability Scanning output ingested into Workflow platform has high fidelity with accurate association with CI's
  • In collaboration with SOC, ensures that EASM output ingested into Workflow Platform has high fidelity with accurate association with CI's
  • Ensures effective tuning and appropriate scoring of Risk Rating algorithm
  • Ensures effective execution of assignment Rules and track remediation activity
  • Remediates Unknown/Unclassed CI's from scanning output and tune assignment Rules
  • Ensures timely and accurate reporting of active Risk and Vulnerability by severity as well as performance against Remediation targets process.
  • Collaborates cross-functionally with other Information Technology teams and Business Stakeholders across the Organization
  • Engages as necessary in all GRC functions to maintain an understanding of process and procedures
  • Provides leadership with comprehensive reports of compliance-focused activities and outcomes, as requested.

Requirements:

  • 5-7+ years' experience in Risk & Compliance Assessment, Audit & Reporting, or similar functions, preferably within the Information Security or Technology fields
  • 3-4+ years working specifically in Information Security roles involving Risk Analysis, Information System Security Assessment, Compliance Audit with Regulations, Frameworks, & Standards
  • Bachelor's degree in Information Technology or related field, or equivalent experience
  • Required Certifications: Certified in Risk & Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or Certified Information Systems Security Professional (CISSP) (Current status, or obtained within 9 months of assuming role)
  • Strong experience leveraging auditing principles and methods to evaluate policies, processes, systems, and vendors to identify business risks and control gaps
  • Experience in administering Risk management programs for technology and information security
  • Strong, technical knowledge of modern Systems, Services, Cloud Applications/Platforms, Identity Services, and Data Storage/Handling and their areas of Risk and Threat exposure
  • Experience with administering, maintaining, and leveraging a Risk Register to track and communicate identified Risk and its required remediation
  • Knowledge of statistics, reporting and analytical tools to analyze and solve complex problems
  • Proficiency in necessary productivity tools (i.e. Microsoft Excel, PowerPoint, Word etc.) for analytics and presentations
  • Operate with strong integrity with ability to handle projects of a sensitive & confidential nature
  • Excellent written and verbal communication skills with a proven ability to translate technical or abstract concepts into a narrative that is easily understood by clients.
  • Ability to thrive in fast-paced environment.

Some Things You Should Know:

  • No other builder can offer the collaborative design-build approach that Clayco does.
  • We work on creative, complex, award-winning, high-profile jobs.
  • The pace is fast!
  • This position is classified as a safety-sensitive role in accordance with applicable state and federal laws. Candidates selected for this position will be subject to a comprehensive background check, which includes mandatory drug testing.

Why Clayco?

  • 2025 Best Places to Work St. Louis Business Journal, Los Angeles Business Journal, and Phoenix Business Journal.
  • 2025 ENR Top 400 Top Data Center Contractor (Top 3).
  • 2025 ENR Top 100 Design-Build Firms Design-Build Contractor (Top 5).
  • 2025 ENR Top 100 Green Contractors Green Contractor (Top 3).

Benefits:

  • Discretionary Annual Bonus: Subject to company and individual performance.
  • Comprehensive Benefits Package Including: Medical, dental and vision plans, 401k, generous PTO and paid company holidays, employee assistance program, flexible spending accounts, life insurance, disability coverage, learning & development programs and more!

Compensation:

  • The salary range for this position considers a wide range of factors in making compensation decisions including but not limited to: Education, qualifications, skills, training, experience, certifications, internal equity, and location. Compensation decisions are dependent on the facts and circumstances of each case.
Clayco
Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Senior GRC Analyst in Phoenix, AZ vacancy
  • Gilder Search Group is looking for a Sr. GRC Analyst to manage Third-Party & Human Risk while ensuring risks are identified and treated satisfactorily. The role requires 6-8 years in risk assessment, with a bachelor's degree and required certifications expected. You'll... 
    Senior
    Flexible hours

    Gilder Search Group

    Phoenix, AZ
    4 days ago
  • Sky Mavis seeks a Sr. GRC Analyst in Phoenix, AZ, to manage Third-Party and Human Risk Management. This analytical role involves vendor risk assessment, security awareness training, and compliance evaluation, ensuring holistic risk management. Candidates should have significant... 
    Senior

    Sky Mavis

    Phoenix, AZ
    1 day ago
  •  ...entertainment related building projects. The Role We Want You For Under the direction of and in collaboration with the GRC Manager, the Sr. GRC Analyst, Third‑Party & Human Risk Management (TPHRM) is a risk focused, highly analytical role that ensures all Human and... 
    Senior
    Immediate start
    Flexible hours

    Sky Mavis

    Phoenix, AZ
    1 day ago
  •  ...Governance, Risk, and Compliance (GRC) Analyst We operate at the intersection of technology and law, in an industry that demands agility...  ...seeking an experienced Governance, Risk, and Compliance (GRC) Senior Analyst to join our InfoSec team. This role will be... 
    Suggested
    Full time
    Flexible hours

    Fulcrum Global Technologies

    Phoenix, AZ
    3 days ago
  • Governance, Risk & Compliance (GRC) Analyst | Information Security | Phoenix AZ Hybrid | Arizona State Agency | Contract to Hire Contract or Full time | SunSoft Online | United States Posted On 06/18/2026 Job Information Job Opening ID 2912 Location Phoenix AZ Client... 
    Suggested
    Full time
    Contract work
    Local area
    Visa sponsorship

    SunSoft Online

    Phoenix, AZ
    3 days ago
  • A large enterprise organization is seeking a GRC Analyst to support a high-visibility security initiative in an onsite role based in downtown Phoenix, AZ. This is a contract position focused on governance, risk, and compliance activities across technology projects, with... 
    Contract work
    Work at office

    Motion Recruitment Partners LLC

    Phoenix, AZ
    1 day ago
  • Jobtailor is seeking a Security Risk Analyst in the Phoenix area to perform risk assessments, audit reviews, and manage security plans. You will generate findings reports, track remediation, and ensure compliance with NIST RMF controls. The role requires hands-on experience... 
    Local area
    Visa sponsorship

    Jobtailor

    Phoenix, AZ
    1 day ago
  • $46.51 per hour

    SunSoft Online is looking for a Governance, Risk & Compliance (GRC) Analyst to join an Arizona state agency's Information Security team. The role requires performing risk assessments, conducting audit reviews, and ensuring compliance with IT security standards. This hybrid... 
    Contract work
    Local area

    Sunsoft Services Inc

    Phoenix, AZ
    3 days ago
  • Motion Recruitment Partners LLC is seeking a GRC Analyst for a contract position in downtown Phoenix, AZ. This role involves ownership of governance, risk, and compliance activities on technology projects, ensuring comprehensive tracking and audit readiness. The ideal candidate... 
    Contract work

    Motion Recruitment Partners LLC

    Phoenix, AZ
    1 day ago
  • Kelly Services is looking for a GRC Analyst to enhance governance and compliance initiatives for a key security project based in downtown Phoenix, AZ. The contract role involves overseeing a project risk register, ensuring all documentation is audit-ready, and collaborating... 
    Contract work

    Kelly Services

    Phoenix, AZ
    1 day ago
  • Jobtailor in the United States (Arizona) seeks a seasoned Risk/Compliance professional to partner with the Line of Business, RCA teams, and management to build and maintain an effective risk management framework. You will drive initiatives to ensure compliance with federal...
    Senior
    Local area

    Jobtailor

    Phoenix, AZ
    1 day ago
  •  ...Senior Director, Principal Gifts About the Company Philanthropic organization supporting Indigenous culture & individuals Industry Non-Profit Organization Management Type Non Profit Founded 2017 Employees 11-50 Categories... 
    Senior

    Confidential

    Phoenix, AZ
    1 day ago
  • Jobtailor seeks a skilled Fraud Risk professional to oversee ERM across all business lines and delivery channels. You will develop and refresh risk assessments, map fraud risks to products and processes, and align ratings with risk appetites. You will support first-line...

    Jobtailor

    Phoenix, AZ
    5 hours ago
  •  ...or a related field. 3-7 years of experience in fraud risk, ERM, GRC, compliance, audit, or financial crime. Strong understanding of...  ...preparing risk assessments, issue management documentation, and senior management reporting. Experience in banking, credit unions, fintech... 
    Work at office

    Jobtailor

    Phoenix, AZ
    1 day ago
  • Jobtailor is seeking a detail-oriented Credit Analyst in Arizona to assess credit risk, analyze financial statements, and prepare reports for loan decisions. You will support treasury-related processes and collaborate with loan officers and executives to ensure compliance... 
    Senior

    Jobtailor

    Phoenix, AZ
    1 day ago
  • $66.5k - $88.02k

    Cardinal Health is seeking a Sr Regulatory Affairs Specialist to join their Medical Solutions Regulatory Affairs team. This remote position requires regulatory expertise to support medical device projects, including new product development and regulatory submissions. Ideal...
    Senior
    Remote work

    Cardinal Health

    Phoenix, AZ
    4 days ago
  • $149.3k - $184.43k

     ...Job Title: Senior Compliance Manager Location: CA - Westlake Village What you'll do: As a Senior Compliance Manager, you'll uphold the company's values and serve as a hands-on leader responsible for both managing a team and directly executing complex... 
    Senior

    Western Alliance Bank

    Phoenix, AZ
    2 days ago
  •  ...Alternatively, at least 6 years of related experience as an examiner or attorney with U.S. regulatory authorities, or a compliance analyst or consultant. Advanced knowledge of federal securities laws. Professional demeanor with high-profile clients. Major in compliance,... 
    Senior

    Jobtailor

    Phoenix, AZ
    1 day ago
  • $46.99k - $122.4k

    CVS Health is seeking a dedicated professional for the role focused on healthcare fraud investigation. The successful candidate will handle complex cases, prevent fraudulent claims, and cooperate with law enforcement. Qualifications include 3 years of experience in fraud...
    Senior
    Full time

    Hispanic Alliance for Career Enhancement

    Phoenix, AZ
    3 days ago
  • SunSoft Online in Phoenix, AZ is seeking a Senior Investigator to lead investigations into fraud and abuse related to DES programs and services. The role involves interviewing suspects and witnesses, gathering evidence, and preparing rigorous reports for prosecution or... 
    Senior

    SunSoft Online

    Phoenix, AZ
    3 days ago
  •  ...Senior Vice President, Legal and Chief Compliance Officer (CCO) About the Company Nationally recognized healthcare services organization Industry Hospital & Health Care Type Privately Held About the Role The Company is in search of a... 
    Senior

    Confidential

    Phoenix, AZ
    14 hours ago
  • Mutual Insurance Company is seeking a Senior Risk Management Consultant to provide expert consulting services to its policyholders, including healthcare professionals and organizations. This role includes tasks such as offering risk management guidance and developing educational... 
    Senior

    Mutual Insurance Company

    Phoenix, AZ
    14 hours ago
  • $120k - $135k

    The American Society for Healthcare Risk Management is seeking an experienced Senior Risk Management Consultant to provide high-value consultation and risk mitigation guidance. This role is ideal for someone with expertise in insurance defense or healthcare law, focusing... 
    Senior

    American Society for Healthcare Risk Management

    Phoenix, AZ
    14 hours ago
  • Jobtailor is seeking an experienced AML investigator to perform end-to-end financial crimes investigations for the U.S. operations. You will analyze complex cases, document findings, and coordinate with law enforcement as needed. The role includes coaching investigators...
    Senior

    Jobtailor

    Phoenix, AZ
    2 days ago
  • $112k - $143k

    UFG Insurance is seeking a Senior Risk Control Consultant to join their Risk Control Team in Phoenix, Arizona. This role focuses on risk assessment and provides leadership in underwriting and strategic planning. The ideal candidate should possess a bachelor's degree, relevant... 
    Senior
    Remote work

    UFG Insurance

    Phoenix, AZ
    3 days ago
  • Western Alliance Bank is seeking a Senior Model Risk Analyst to join its Model Risk Management Group in Phoenix, Arizona. This role involves model validation, governance activities, and developing the bank’s Model Risk Management program. The ideal candidate has over 5... 
    Senior

    Dormont Manufacturing Co

    Phoenix, AZ
    5 hours ago
  •  ...for complex lines of business, including large corporate, asset‑based lending, and capital markets. Interact with line of business senior management of complex lines of business. Communicate and influence RAR’s examination findings to line of business senior... 
    Senior
    Work experience placement

    Jobtailor

    Phoenix, AZ
    1 day ago
  • Responsibilities Review export documentation for accuracy (commercial invoices, packing lists, Automated Export Systems (AES) filings, shipping instructions). Conduct export reviews to confirm appropriate authorization prior to shipment or technology transfer. Support ...
    Senior
    Permanent employment
    Local area

    Jobtailor

    Phoenix, AZ
    1 day ago
  • Access Data Consulting Corporation seeks a Governance, Risk, and Compliance Analyst to join their security team in a hybrid work environment in Phoenix. The role involves ensuring compliance with security regulations while bridging technical infrastructure and regulatory... 

    Access Data Consulting Corporation

    Phoenix, AZ
    1 day ago
  • $64.89k - $173.04k

     ...CVS Health in Arizona is seeking a Senior Analyst within the Periodic Access Review (PAR) team, responsible for executing access review controls and ensuring compliance with regulatory requirements. The position demands strong time management skills, communication, and... 
    Senior
    Full time

    Hispanic Alliance for Career Enhancement

    Phoenix, AZ
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior GRC Analyst. Be the first to apply!