
Governance, Risk, and Compliance Specialist

CapTech Ventures, Inc.

Philadelphia (Philadelphia County)

On-site

USD 70,000 - 100,000

Full time

16 days ago


Job summary

A leading consulting firm seeks a detail-oriented Governance, Risk, and Compliance Specialist to support their GRC functions. The role involves executing risk assessments, managing security training, and ensuring compliance with relevant frameworks. Ideal candidates will have 1-3 years of experience and relevant certifications, with strong analytical and communication skills.

Qualifications

  • 1-3 years of experience in Information Security, Risk, Compliance, or IT Audit.
  • Understanding of SOC 2, NIST 800-53, and ISO 27001 frameworks.
  • Experience with vendor management or third-party risk assessments preferred.

Responsibilities

  • Conduct technical risk evaluations of third-party tools and services.
  • Implement and manage annual security awareness training programs.
  • Assist in maintaining ITGRC policies and procedures.

Skills

Communication
Problem Solving
Analytical Thinking
Critical Thinking

Education

Relevant certifications (CGRC, Security+)

Tools

Microsoft Office

Job description

Governance, Risk, and Compliance Specialist

CapTech is an award-winning consulting firm that collaborates with clients to achieve what’s possible through the power of technology. We are passionate about our work and the results we deliver for clients, including Fortune 100 companies, mid-sized enterprises, and government agencies across the country.

We are seeking a detail-oriented GRC Specialist to support our Governance, Risk, and Compliance functions. The role involves executing third-party risk assessments, managing security awareness training, supporting policy reviews, and assisting with information security compliance initiatives.

Key Responsibilities:

  • Conduct technical risk evaluations of third-party tools, platforms, and services.
  • Perform vendor due diligence according to SOC 2 and internal standards.
  • Prepare and present assessment findings to the GRC Manager and Head of Information Security for review and approval.
  • Make recommendations to improve vendor security posture.
  • Implement and manage annual security awareness training programs.
  • Maintain and deliver security training for new hires, aligned with company policies.
  • Assist in maintaining and reviewing ITGRC policies and procedures, collaborating with policy owners to ensure they are current and aligned with controls.
  • Support responses to information security questionnaires from clients or partners.
  • Assist in evidence collection for audits and internal reviews.
  • Contribute to broader GRC functions under the guidance of the GRC Manager.

Minimum Qualifications:

  • 1–3 years of experience in Information Security, Risk, Compliance, or IT Audit.
  • Relevant certifications such as Certified Governance, Risk, and Compliance (CGRC), Security+, or an equivalent, to be attained within an agreed timeframe.
  • Understanding of SOC 2, NIST 800-53, and ISO 27001 or similar frameworks.
  • Excellent communication skills, capable of conveying technical risks to non-technical audiences.
  • Proficiency with Microsoft Office tools.
  • Strong problem-solving, analytical, and critical thinking skills.
  • Eagerness to learn and grow professionally.
  • Highly organized with the ability to manage tasks independently and seek guidance when needed.
  • Experience with vendor management or third-party risk assessments is preferred.
  • Experience with SOC 2 and NIST 800-53 compliance is preferred.

We offer opportunities for career development tailored to your skills and passions. CapTech is committed to fostering a diverse, inclusive, and equitable work environment. For more information about our Diversity, Inclusion, and Belonging initiatives, please visit our website.

Note: CapTech cannot sponsor or transfer work visas for this position. Applicants must be authorized to work in the United States without sponsorship.
