Security Risk Analyst

Talent Groups
Boston, US
On-site

Job Description

W2 Only - US Citizen or Green Card Perm Residents Only

Duration: till 6/30 with potential to be long term

Location: Onsite 2 days per week in Boston

Position Overview:

  • Hiring a Governance, Risk, and Compliance (GRC) Analyst! Join a great team of cyber security professionals and help us deliver our mission
  • GRC is a key pillar of the Information Security program, responsible for the alignment of IT activities to business goals and the management of information security risks.
  • Our GRC program needs your help while we expand our implementation and tracking of security safeguards across the organization.
  • The InfoSec GRC Analyst role will be a member of a 4-person team, reporting to the GRC Lead and will work closely with the Chief Information Security Officer (CISO) and InfoSec Lead.
  • The ideal candidate is a self-starter with a passion for building relationships and collaboration.
  • The candidate should have strong written and verbal communication skills.

Sample Duties and Responsibilities:

  • leading security frameworks such as the National Institute of Standards and Technology (NIST) Cyber Security Framework.
  • security requirements of the Payment Card Industry Data Security Standard and the maintenance of effective controls in our retail networks.
  • Actively participate in risk assessments with the team and facilitate the implementation of security safeguards across IT.
  • Develop tracking for ongoing risk mitigation work and the maintenance of security safeguards.
  • Track security safeguards for several compliance programs including Payment Card Industry Data Security Standard (PCI-DSS), Social Security Administration (SSA), Federal Motor Carriers Safety Administration (FMCSA), Criminal Justice Information Services (CJIS), and agency requirements for issuance of Real ID in Massachusetts.

Required

  • Two plus (2+) years of training or practical experience in IT Operations
  • Two plus (2+) years of training or practical experience in Information Security Risk Management

Preferred:

  • Bachelor's degree or equivalent in Cyber/Information Security
  • Industry certifications such as CISSP
  • Previous experience on a GRC team in a large organization
  • Previous experience with using enterprise GRC tools

Skills & Requirements

Technical Skills

It operationsInformation security risk managementCommunicationCollaborationCisspCyber securityGrc

Employment Type

FULL TIME

Level

junior

Posted

4/8/2026

Continue to LinkedIn

You will be redirected to the job posting on LinkedIn.