GRC Support - Hybrid | Houston, TX

Harris-Jones Staffing & Recruiting, LLC
Houston, United States of America
5 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Houston, United States of America

Tech stack

Information Leak Prevention
Smartsuite
ServiceNow

Job description

We are seeking a hands-on GRC Analyst to support a mission-driven healthcare organization. In this role, you will be the "boots on the ground" for risk assessments, risk register management, and day-to-day GRC operations.

  • Risk Assessments: Conduct comprehensive vendor and application risk assessments, including evaluations of emerging technologies.
  • Risk Register Management: Maintain and update the organizational risk register, including rigorous analysis, documentation, and evidence tracking.
  • GRC Operations: Manage the intake process, coordinate documentation, and handle follow-ups to ensure operational continuity.
  • Governance & DLP: Assist with broader governance initiatives and provide support for the Data Loss Prevention (DLP) program.
  • Compliance: Ensure all activities align with HIPAA and other relevant healthcare regulatory requirements.
  • Reporting: Prepare clear, actionable reports and dashboards for key stakeholders.

Requirements

If you are a self-starter who can hit the ground running with minimal ramp-up time, this is an excellent opportunity to manage high-impact compliance and security initiatives in a fast-paced clinical environment.

  • Experience: 3-5 years of dedicated experience in GRC, IT Risk, or Compliance.
  • Technical Proficiency: Strong understanding of IT/Security controls and experience with GRC tools (e.g., Archer, ServiceNow, OneTrust, ZenGRC).
  • Healthcare Knowledge: Deep familiarity with HIPAA and healthcare-specific compliance challenges.
  • Execution: Proven ability to manage a risk register and conduct assessments independently.
  • Logistics: Ability to work onsite in the Bellaire area every Tuesday.
  • Industry Background: Prior experience specifically within a hospital or healthcare provider system.
  • Frameworks: Working knowledge of NIST, ISO 27001, or SOC 2.
  • Certifications: CISA, CRISC, or CISSP are highly desirable.
