"Alerted.org

_Troy, MI, USA_ | _Full Time_

**Job Title:** Governance, Risk, and Compliance (GRC) Analyst

**FLSA:** Exempt

**Prepared By:** Corporate IT Team

**Prepared Date:** November 7, 2025

SUMMARY

We are seeking a detail-oriented and strategic Governance, Risk, and Compliance ("GRC") Analyst to support our organization's governance, risk, and compliance initiatives. The ideal candidate will hold a CISA (Certified Information Systems Auditor) and/or CRISC (Certified in Risk and Information Systems Control) certification and possess a strong understanding of regulatory frameworks, risk management methodologies, and IT controls. This position ensures that all IT systems, processes, and data handling align with internal corporate policies, industry standards, and relevant federal/state regulations applicable to the housing and manufacturing sectors. The Analyst will be essential in maintaining compliance and proactively identifying and mitigating IT-related risks across the organization. This position will report to the Director, Security.

RESPONSIBILITIES

Key Responsibilities:

+ **Risk Management:**

+ Identify, assess, and monitor IT and business risks.

+ Develop and maintain risk registers and mitigation plans.

+ Collaborate with stakeholders to ensure risk awareness and accountability.

+ **Compliance Oversight:**

+ Ensure adherence to regulatory requirements (e.g., SOX, GDPR, HIPAA, PCI-DSS).

+ Conduct internal audits and support external audit activities.

+ Maintain documentation for compliance reporting and evidence collection.

+ **Policy & Control Development:**

+ Assist in the creation and review of security policies, standards, and procedures.

+ Evaluate and improve internal controls related to IT systems and data protection.

+ **GRC Tool Management:**

+ Support implementation and maintenance of GRC platforms.

+ Generate dashboards and reports for leadership visibility.

+ **Incident Response & Reporting:**

+ Participate in investigations of security incidents and breaches.

+ Provide post-incident analysis and recommendations.

QUALIFICATIONS

+ Bachelor's degree in computer science, Information Technology/Systems, Cybersecurity, or a related field.

+ CISA, CRISC or CGEIT certification required.

+ 3+ years of experience in GRC, IT audit, or risk management.

+ Strong knowledge of frameworks such as NIST, ISO 27001, COBIT, and CIS Controls.

+ Experience with GRC tools (e.g., Archer, AuditBoard, ServiceNow, MetricStream) is a plus.

+ Excellent analytical, communication, and documentation skills.

+ Preferred Skills:

+ Familiarity with cloud security and third-party risk management.

+ Ability to translate technical risks into business impacts.

+ Experience working in regulated industries (manufacturing housing, finance, healthcare, etc.).

EEO Statement

Champion Home Builders is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other legally protected characteristics. Champion Home Builders participates in the E-Verify Program.

Pay Transparency Statement

Champion Home Builders, Inc. publishes pay ranges in compliance with applicable law. Published pay ranges are not a promise of any specific pay for any specific employee and may not be reflective of actual compensation earned. Pay rates are dependent upon experience, education, and other factors. The company may provide additional monetary and nonmonetary compensation such as benefits and/or bonus plans for some, but not all positions.