Governance, Risk, & Compliance Specialist (REMOTE)

Posted Today by Beacon Hill

Negotiable
Undetermined
Remote

Summary: Beacon Hill is seeking a fully-remote Governance, Risk, & Compliance (GRC) Specialist with experience in the energy sector for a contract-to-hire position. The role involves managing security compliance, audits, risk assessments, and policy governance to enhance the organization's security posture. Occasional travel may be required. Interested candidates are encouraged to apply online.

Key Responsibilities:

  • Support governance, risk, and compliance initiatives across the organization.
  • Maintain security documentation, policies, and compliance records.
  • Coordinate audit activities and compliance evidence collection.
  • Track remediation efforts, audit findings, exceptions, and risk treatment plans.
  • Conduct control testing, risk assessments, and vendor reviews.
  • Assist with mapping controls to security and compliance frameworks.
  • Maintain risk registers, control inventories, and compliance reporting.
  • Partner with internal stakeholders to support security and regulatory requirements.
  • Monitor compliance trends and contribute to continuous improvement of the security program.

Key Skills:

  • 3+ years of experience in GRC, cybersecurity compliance, IT audit, information security, or related areas.
  • Knowledge of frameworks including NIST, ISO 27001, SOC 2, and CIS Controls.
  • Experience supporting audits, control testing, evidence collection, and remediation activities.
  • Ability to develop and maintain security policies, standards, and procedures.
  • Experience with risk assessments, compliance reviews, and vendor risk management.
  • Strong documentation, organizational, and communication skills.
  • Experience collaborating with IT, Security, Engineering, Legal, Compliance, and other business teams.
  • Working knowledge of cloud security, identity and access management, vulnerability management, and incident response.
  • Experience in regulated or critical infrastructure industries (preferred).
  • Relevant certifications such as CISA, CISM, CISSP, CRISC, Security+, or ISO 27001 (preferred).
  • Experience with GRC platforms including ServiceNow GRC, Archer, OneTrust, AuditBoard, LogicGate, Drata, or Vanta (preferred).
  • Familiarity with privacy, data protection, and third-party risk management programs (preferred).
  • Experience creating compliance reporting, risk dashboards, and executive-level presentations (preferred).

Salary (Rate): undetermined

City: undetermined

Country: undetermined

Working Arrangements: remote

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Beacon Hill is now hiring for a fully-remote GRC specialist who has experience working in the energy sector. This is a contract to hire position with occasional travel. If you or anyone you know is interested, please apply online and we will reach out!

Governance, Risk & Compliance (GRC) Specialist

Overview

Seeking a GRC Specialist to support the Information Security team by managing security compliance, audits, risk assessments, policy governance, and regulatory requirements across enterprise technology environments. This role will help strengthen the organization's security posture through effective governance and continuous compliance monitoring.

Required Qualifications

  • 3+ years of experience in GRC, cybersecurity compliance, IT audit, information security, or related areas.
  • Knowledge of frameworks including NIST, ISO 27001, SOC 2, and CIS Controls.
  • Experience supporting audits, control testing, evidence collection, and remediation activities.
  • Ability to develop and maintain security policies, standards, and procedures.
  • Experience with risk assessments, compliance reviews, and vendor risk management.
  • Strong documentation, organizational, and communication skills.
  • Experience collaborating with IT, Security, Engineering, Legal, Compliance, and other business teams.
  • Working knowledge of cloud security, identity and access management, vulnerability management, and incident response.

Preferred Qualifications

  • Experience in regulated or critical infrastructure industries.
  • Relevant certifications such as CISA, CISM, CISSP, CRISC, Security+, or ISO 27001.
  • Experience with GRC platforms including ServiceNow GRC, Archer, OneTrust, AuditBoard, LogicGate, Drata, or Vanta.
  • Familiarity with privacy, data protection, and third-party risk management programs.
  • Experience creating compliance reporting, risk dashboards, and executive-level presentations.

Responsibilities

  • Support governance, risk, and compliance initiatives across the organization.
  • Maintain security documentation, policies, and compliance records.
  • Coordinate audit activities and compliance evidence collection.
  • Track remediation efforts, audit findings, exceptions, and risk treatment plans.
  • Conduct control testing, risk assessments, and vendor reviews.
  • Assist with mapping controls to security and compliance frameworks.
  • Maintain risk registers, control inventories, and compliance reporting.
  • Partner with internal stakeholders to support security and regulatory requirements.
  • Monitor compliance trends and contribute to continuous improvement of the security program.

Beacon Hill is an equal opportunity employer and individuals with disabilities and/or protected veterans are encouraged to apply.

California residents: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

If you would like to complete our voluntary self-identification form, please or copy and paste the following link into an open window in your browser:

Completion of this form is voluntary and will not affect your opportunity for employment, or the terms or conditions of your employment. This form will be used for reporting purposes only and will be kept separate from all other records.

Company Profile:

Beacon Hill Technologies, a premier National Information Technology Staffing Group, provides world class technology talent across all industries utilizing a complete suite of staffing services. Beacon Hill Technologies' dedicated team of recruiting and staffing experts consistently delivers quality IT professionals to solve our customers' technical and business needs.

Beacon Hill Technologies covers a broad spectrum of IT positions, including Project Management and Business Analysis, Programming/Development, Database, Infrastructure, Quality Assurance, Production/Support and ERP roles.

Learn more about Beacon Hill and our specialty divisions, Beacon Hill Associates, Beacon Hill Financial, Beacon Hill HR, Beacon Hill Legal, Beacon Hill Life Sciences and Beacon Hill Technologies by visiting .

Benefits Information:

Beacon Hill offers a robust benefit package including, but not limited to, medical, dental, vision, and federal and state leave programs as required by applicable agency regulations to those that meet eligibility. Upon successfully being hired, details will be provided related to our benefit offerings.

We look forward to working with you.

Beacon Hill. Employing the Future