So sorry, this position is no longer available. Please go ahead and submit your application. We may have other positions that would be the perfect fit for you. Alternatively, you may want to apply to one of the following related jobs:

Cybersecurity Governance Risk and Compliance (GRC) Analyst

Charlotte, NC 28226

Posted: 05/07/2025 Job Number: 1765

Job Description

Job Description:
We are seeking a proactive and detail-oriented Cybersecurity Governance Risk and Compliance (GRC) Analyst to join our IT Security team.  This position will be responsible for identifying, analyzing, and assessing potential cybersecurity risks that may impact the organization's digital assets, infrastructure, and data. The ideal candidate will work closely with IT Security, IT Operations and other business teams (contracts, proposals, etc) to develop strategies for risk mitigation, conduct risk assessments, and ensure compliance with regulatory and organizational security policies. This role plays a critical part in the tracking of IT compliance requirements and maintaining the organization’s risk management framework, compliance standards, and minimizing cybersecurity risks/threats.

Key Responsibilities:
  • Working knowledge of common information security management frameworks, regulatory requirements, and applicable standards such as: NIST, FARs, ISO, etc.
  • Develop and implement risk mitigation strategies, including risk transfer, acceptance, avoidance, or remediation.
  • Support security programs in compliance with relevant laws, regulations, and policies to minimize or eliminate risk and audit finding, support IT Audit Plan.
  • Continuously assess the effectiveness of current security controls and recommend improvements.
  • Create KPI and other metrics for different compliance standards.
  • Collaborate with various business departments to ensure security risks are considered in project planning and daily operations.
  • Evaluate, scope and prioritize risks based on potential business impact and likelihood of occurrence.
  • Be able to scope statutory, regulatory, and contractual compliance requirements to specific entities withing the company.
  • Identify contract and proposal IT requirements and track compliance against them through scoping, metrics, artifact gathering, and POA&M
  • Prepare and present detailed risk analysis reports to management and relevant stakeholders.
  • Ensure that all risk management practices align with applicable regulatory and industry standards
  • Assist in developing cybersecurity policies, standards, and procedures to reduce organizational risks.
  • Assist in gathering evidence for customer security questionnaires.
  • Assist the Business in getting prepared / answering audits.
  • Assist internal/external audits where cybersecurity IT inquiry is required, and perform cybersecurity analyze, with risks evaluation.
  • Facilitate execution of required testing and auditing activities for the IT Department by internal and external parties
  • Make broad recommendations on improving compliance related processes and/or procedures as it pertains to the IT department.
  • Conduct cybersecurity risk assessments and identify vulnerabilities, threats, and potential impacts to the organization’s infrastructure, systems, and data.

Additional Responsibilities.
  • Support Information and Cybersecurity Officer in goals of overall security of the environments.
  • Assist in cybersecurity in auditing of the environment.
  • Assist in identifying and scoping hardening requirements outside of normal best practices or industry baselines
  • Track third party or vendor risk assessments and supply chain risk management.
  • Participate in the section’s on-call rotation to monitor triage alerts after hours.


Requirements/Skills:
  • Project Management Skills
  • Proficient in conducting qualitative and quantitative risk assessments.
  • Excellent written and verbal communication skills, with the ability to present technical findings to non-technical stakeholders.
  • Familiarity with regulatory requirements and compliance frameworks such as
    • NIST (800-171, 800-53, CSF, RMF, AI, PII)
    • ISO 27001, 42001
    • NERC CIP
    • Industry Cyber regulation
    • Federal Cyber regulation
    • International Cyber regulation
  • Ability to work collaboratively with cross-functional teams to address cybersecurity risks and challenges.
  • Strong analytical and problem-solving skills, with the ability to interpret complex data to make informed decisions.


Working Requirements:
  • Ability to work independently, manage multiple projects, and prioritize tasks in a fast-paced environment.
  • Comfortable working in a hybrid or remote setting
  • Willingness to stay current with industry trends, threats, and advancements in cybersecurity through continuous learning.
  • Strong attention to detail, accuracy, and organizational skills.


Education/Certificate Requirements:
  • Required: a bachelor’s degree with experience in Computer Information Systems, Engineering, or related field.
  • One of the preferred certifications:
    • Certified Governance Risk and Compliance (CGRC)
    • Certified Information Systems Security Professional (CISSP)
    • Certified Information Security Manager (CISM)
    • Certified Information Systems Auditor (CISA)
    • Certified in Risk and Information Systems Control (CRISC)
    • CompTIA Cybersecurity Analyst (CySA+)


Experience:
  • IT Cyber Compliance Auditor, with preferred four-year degree in Information Technology with an emphasis in information security.
  • A minimum of 1-3 years of experience in Information Security Risk Management, and proven track record in supporting role of risk analyst.
  • Experience in conducting risk assessments, managing vulnerabilities, and developing mitigation strategies.
  • Experience with regulatory compliance assessments and audit processes.
  • Previous experience working in a specific industry (e.g., finance, healthcare, or government) with knowledge of industry-specific risks is a plus.

EnergySolutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status, or any other characteristic protected by law.

Apply Online at:  jobs.energysolutions.com
 

Meet Your Recruiter

John Haygood

Apply Online

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.

About Charlotte, NC

Ready to embark on a new career adventure? Explore our job opportunities in and around Charlotte, North Carolina, where the Queen City's vibrant energy meets Southern charm. Known for its dynamic job market and diverse industries, Charlotte offers endless growth possibilities for professionals seeking new opportunities. Discover the city's rich history at the Levine Museum of the New South, catch a show at the Blumenthal Performing Arts Center, or immerse yourself in nature at the stunning Freedom Park. Indulge in the region's famous barbecue joints, explore the NASCAR Hall of Fame, or cheer on the Carolina Panthers at the Bank of America Stadium. Join us in Charlotte and unlock a world of career possibilities in this bustling city with a small-town feel.