Senior GRC Analyst

Post Date

Jul 13, 2026

Location

Whitemarsh,
Pennsylvania

ZIP/Postal Code

19428
US
Sep 12, 2026 Insight Global

Job Type

Contract

Category

Security Engineering

Req #

PHL-62bef504-2ad7-4233-acd6-e5e81d7119ea

Pay Rate

$54 - $68 (hourly estimate)

Job Description

An R&D technology client is seeking a Senior Governance, Risk & Compliance Analyst for a contract role supporting the implementation and operationalization of an enterprise GRC platform. This role will focus on helping configure the GRC solution, establish risk and control workflows, support policy and risk framework alignment, and enable repeatable reporting and risk analysis processes.
The resource will partner with management, security, IT, compliance, and business stakeholders to translate governance requirements into practical GRC platform capabilities. Management will define overall policy direction, risk appetite, and risk tolerance levels; the Senior GRC Analyst will help operationalize those decisions within the platform.
Key Responsibilities
• Support the implementation and configuration of the GRC platform, including risk registers, control libraries, assessment workflows, reporting, and dashboards.
• Help translate management-defined policies, risk appetite, and risk tolerance levels into measurable GRC workflows and platform rules.
• Align the GRC setup to a NIST SP 800-53-based risk and control framework.
• Configure risk scoring models, risk categories, ownership structures, assessment templates, and remediation workflows.
• Support setup of risk and control ownership assignments across business, IT, and security teams.
• Develop practical workflows for risk identification, assessment, treatment, acceptance, exception tracking, and remediation.
• Operationalize Level 1 risk analysis, including intake triage, initial risk categorization, evidence review, scoring support, and escalation criteria.
• Assist with AI-enabled automation for Level 1 risk analysis, including intake summarization, control mapping, risk classification, suggested scoring, and draft remediation recommendations.
• Support integration planning with identity management, ticketing, reporting, or other enterprise systems.
• Create documentation, playbooks, procedures, and training materials to support sustainable GRC operations.
• Prepare initial risk, control, and compliance reports for leadership and stakeholders.
• Support stakeholder engagement, go-live readiness, and post-launch stabilization.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Required Skills & Experience

• Senior-level experience in governance, risk, compliance, or information security risk management.
• Hands-on experience implementing, configuring, or operationalizing a GRC platform.
• Strong understanding of risk registers, control frameworks, control testing, risk assessments, remediation tracking, and exception management.
• Experience with NIST SP 800-53 or similar control frameworks.
• Ability to translate governance and policy requirements into operational workflows, platform configuration, and reporting.
• Experience defining or supporting risk scoring models, risk categories, control mappings, and risk treatment processes.
• Ability to work with security, IT, compliance, audit, and business teams to drive ownership and adoption.
• Familiarity with AI-enabled workflow automation, risk intake automation, or analytics-driven risk triage.

Nice to Have Skills & Experience

• Experience with implementing GRC platforms.
• Experience integrating GRC platforms with ticketing, identity management, reporting, or workflow tools.
• Familiarity with AI use cases for GRC, including control mapping, risk summarization, evidence analysis, and automated risk triage.
• Experience supporting enterprise risk governance, security compliance, internal audit, or technology risk programs.
• Familiarity with regulatory, privacy, or cybersecurity frameworks such as ISO 27001, SOC 2, CIS Controls, or NIST CSF.
• Relevant certifications such as CRISC, CISA, CISM, CISSP, CGRC, or similar are a plus.

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.