Job Description

Job Description

Job Title: Lead GRC Analyst

Type: FTE

Location: Irving, TX (4 days on-site, 1 day remote)

Summary:

The Lead GRC Analyst will play a pivotal role in strengthening enterprise-wide governance, risk, and compliance operations across our client’s three business units: homebuilding, mortgage, and title. This role focuses on policy management, third-party risk assessments, IT audits, and vulnerability scanning. The ideal candidate will bring deep technical expertise, a strategic mindset, and the ability to work cross-functionally with diverse stakeholders to uphold cybersecurity and regulatory standards.

Key Responsibilities:

• Manage and maintain IT and security policies in alignment with regulatory frameworks
• Conduct comprehensive risk assessments and internal IT audits across business units
• Lead Third Party Risk Management (TPRM) efforts using tools such as One Trust and Security Scorecard
• Document and track vendor onboarding activities, including risk evaluations and remediation plans
• Analyze complex data sets using Excel (filters, pivot tables) to support decision-making and reporting
• Interface with internal stakeholders to identify, communicate, and remediate compliance issues
• Perform vulnerability scans and shift-left scanning to proactively identify risks
• Collaborate cross-functionally with teams across homebuilding, mortgage, and title divisions
• Support infrastructure security across both on-prem and cloud environments (AWS, Azure, GCP)
• Apply NIST 800-171 and NIST 800-53 standards to secure sensitive and federal information systems
• Provide guidance on operating systems including Windows and Linux (RHEL, Ubuntu, Debian, CentOS)
• Contribute to GRC program enhancements and support audit readiness initiatives

Qualifications & Experience:

• Bachelor’s degree in information technology, Information Security, or related field
• Strong experience in Governance, Risk, and Compliance (GRC)
• Strong experience in cybersecurity risk assessment and vendor onboarding
• Strong experience conducting internal or IT audits
• Strong policy management experience and familiarity with regulatory frameworks
• Proficiency in Excel for data analysis and reporting
• Experience with NIST 800-171 (primary) and NIST 800-53 standards
• Solid understanding of operating systems and infrastructure (Windows, Linux, Unix)
• Exposure to cloud platforms including AWS, Azure, and GCP
• Experience using Rapid7 for vulnerability scanning and risk analysis
• Strong communication and stakeholder engagement skills
• Ability to work independently and collaboratively across technical and business teams

Preferred Skills & Certifications:

• Experience with GRC tools such as Archer, ServiceNow GRC, Audit Board
• Familiarity with PCI DSS standards and secure data handling practices
• ITIL Certification or other relevant security/GRC certifications
• Exposure to project management tools (Jira, Confluence, Azure DevOps)
• Experience conducting modality or mobility curve assessments
• Background in systems administration or infrastructure security

Job Tags

Similar Jobs