GRC Analyst
- Insight Global (Scottsdale, AZ)
Job Description
In this role, you’ll spend your days blending policy writing, risk analysis, and collaboration across teams—drafting and maintaining security policies tailored to a multi-tenant AWS environment, aligning with compliance frameworks like SOC 2, PCI, HIPAA, and ISO 27001. You’ll work closely with engineers and business stakeholders to ensure documentation reflects real-world workflows, identify and track security risks, support risk assessments, and prepare audit-ready evidence. You’ll also translate technical requirements into clear, actionable standards for non-technical teams, contribute to training and awareness efforts, and maintain governance through version control, continuous improvement, and reporting key metrics to leadership.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected]. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Skills and Requirements
- Bachelor's degree in Computer Science, Management Information Systems or equivalent experience
- 5-7 years of experience in IT or IS Governance, Risk, and Compliance.
- Demonstrated experience drafting and maintaining security policies, standards, and procedures.
- Strong knowledge of compliance frameworks (SOC 2, PCI DSS, HIPAA, ISO 27001, or similar).
- Ability to communicate complex security concepts to both technical and business audiences.
- Familiarity with AWS security services (IAM, GuardDuty, Config, Security Hub).
- Experience supporting external audits (SOC 2, PCI, HIPAA).
- Certifications such as CISA, CISM, CISSP, or AWS Certified Security - Specialty.