✦ Luna Orbit — Cybersecurity

Senior GRC Analyst

at Cherry Bekaert

📍 Tampa, FL Hybrid Posted April 03, 2026
Type Full-Time
Experience senior
Exp. Years Not specified
Education Bachelor's Degree in Information Technology or Cybersecurity or other related degree
Category Cybersecurity

Senior GRC Analyst to support the firm's cybersecurity governance, risk management, and compliance program. Responsibilities include policy maintenance, risk assessments, audits, third-party risk management, and incident governance across the enterprise.

  • Manage GRC program development and maintenance
  • Operationalize security policies and control frameworks
  • Perform security risk assessments and document risks
  • Track risks, exceptions, and remediation actions
  • Support audits, client risk assessments, and third-party risk management

Familiarity with industry frameworks (NIST CSF, NIST 800-53, ISO 27001, SOC 2, CMMC); GRC platforms and evidence collection; risk remediation tracking; cross-functional collaboration with IT, Legal, Privacy, and business units.

The ideal candidate is a senior GRC Analyst with strong knowledge of NIST/ISO/SOC frameworks and a track record in risk assessments, audits, and third-party risk management. They should be able to lead governance initiatives, map controls to regulations, and collaborate with IT, Legal, and Privacy teams.

  • Bachelor's Degree in Information Technology or Cybersecurity or other related degree
  • Strong understanding of cybersecurity governance, risk management, and compliance concepts
  • Working knowledge of common security and compliance frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001, SOC 2, CMMC)
  • Experience performing security risk assessments and documenting risks, controls, and remediation plans
  • Ability to interpret technical security controls and map them to compliance and regulatory requirements
  • Experience supporting audits, assessments, or client security questionnaires
  • Familiarity with third-party risk management and vendor security review processes

  • Certifications (e.g., CISA, CRISC, CISM) preferred
  • Experience with audits, SOC reports, client security reviews, GRC tooling and evidence collection

GRC platforms, Audit management tools, Security controls mapping, Third-party risk management tools, Incident governance tools

Security governance, risk management, and compliance concepts; experience with NIST CSF, NIST 800-53, ISO 27001, SOC 2, CMMC; risk assessments; vendor risk management; audits; incident governance; GRC tooling; client security questionnaires

Cybersecurity governance, Risk management, Compliance, Security policies, Security risk assessments, Third-party risk management, Audits, SOC 2, NIST CSF, NIST 800-53, ISO 27001, CMMC, GRC platforms, Audit management tools, Incident governance, Vendor security reviews

Analytical, Communication, Collaboration, Problem-solving, Project management

Preferred

CISA, CRISC, CISM
Industry Consulting
Job Function Lead cybersecurity GRC program to improve risk posture and regulatory compliance across the enterprise
Role Subtype GRC Analyst
senior grc analyst, GRC, security governance, risk management, compliance, audits, SOC 2, NIST CSF, NIST 800-53, ISO 27001, CMMC, GRC platforms, audit management, incident governance, third-party risk management, privacy, regulatory requirements, vendor risk management

Lack of experience with NIST/ISO frameworks, Inability to collaborate with cross-functional teams, No ability to work in a hybrid on-site/remote Tampa environment
