To Apply for this Job Click Here
My client is looking for a Senior-level GRC Analyst to join their team who has a VERY STRONG background in writing--ideally policy writing.
Location: Remote Eligible
Employment Type: Contract
We are seeking a Cybersecurity Governance Analyst with exceptional technical writing and communication skills to support the ongoing development of our cybersecurity governance program. This role will play a pivotal part in shaping cybersecurity policies, procedures, and executive-level reports that inform and drive risk-reduction strategies.
The ideal candidate will have a strong background in cybersecurity governance, risk management, and compliance (GRC), along with proven experience in developing and maintaining policies, standards, and security documentation. If you have a talent for translating complex security concepts into clear, concise, and actionable content, we encourage you to apply.
Key Responsibilities:Governance & Compliance SupportAssist in developing, maintaining, and optimizing cybersecurity policies, standards, and procedural documentation to ensure alignment with NIST, ISO, HITRUST, HIPAA, PCI, and GDPR compliance frameworks.Participate in the assessment of existing policies and procedures, identifying gaps and opportunities for improvement.Contribute to the governance of cybersecurity leadership programs, including steering committees and the Business Information Security Officer (BISO) program.Technical Writing & DocumentationCreate and manage cybersecurity governance reports, executive summaries, and regulatory compliance documentation.Develop clear, structured, and comprehensive security policies that align with business objectives and regulatory requirements.Produce well-researched security insights and industry best practices reports for key stakeholders.Work with technical teams to translate cybersecurity risks, controls, and compliance requirements into digestible and actionable materials for leadership and employees.Metrics & ReportingAssist in the development of a formal cybersecurity reporting program, defining key metrics that track and manage security maturity across the organization.Prepare executive-level presentations summarizing cybersecurity initiatives, risks, and compliance updates for global audiences.Collaborate with stakeholders to ensure cybersecurity metrics align with business risk management objectives.Collaboration & CommunicationWork with leadership and governance teams to prioritize cybersecurity initiatives that align with strategic goals.Act as a liaison between security, IT, compliance, and business teams, ensuring alignment on security policies and governance initiatives.Support the development and implementation of cybersecurity branding and communication strategies to raise awareness and promote best practices across the organization.Required Qualifications:3+ years of experience in a cybersecurity governance, risk, compliance (GRC), or operations role.Strong experience with security risk management frameworks such as NIST, ISO 27001, HITRUST, HIPAA, PCI, and GDPR.Exceptional writing, editing, and communication skills, with the ability to translate complex technical cybersecurity concepts into clear, understandable, and actionable content.Experience in developing and maintaining security policies, procedures, and compliance documentation.Familiarity with cybersecurity metrics and reporting, with experience creating executive-level presentations.Ability to analyze cybersecurity governance trends and regulatory requirements to recommend security enhancements.Proficiency in Microsoft Office Suite (PowerPoint, Excel, Word, Outlook) and security governance platforms (e.g., ServiceNow GRC, OneTrust). hsmad310_1741626841 To Apply for this Job Click Here