Governance, Risk & Compliance (GRC) Analyst
Alignerr · New York, NY
This listing has closed — view similar roles below.
- Hybrid
- Contract
- $50,000 / year
- New York, NY
Job highlights
- Evaluate AI systems using GRC expertise.
- Analyze security policies, controls, and procedures.
- Assess compliance scenarios and risk statements.
- Generate and validate AI training data.
- Provide feedback on AI reasoning errors.
About the role
Governance, Risk & Compliance (GRC) Analyst (AI Training)
About The Role
We're looking for experienced GRC professionals to help evaluate and improve AI systems being trained on real-world security, compliance, and risk scenarios. Your practitioner knowledge will directly shape how AI understands and reasons about governance frameworks, audit processes, and control environments — making a meaningful impact on the future of enterprise AI.
Organization: Alignerr
Type: Hourly Contract
Location: Remote
Commitment: 10–40 hours/week
What You'll Do
- Review and analyze security policies, controls, and procedures for accuracy and completeness
- Evaluate compliance scenarios across frameworks such as SOC 2, ISO 27001, and NIST
- Assess risk statements, control mappings, and audit-style documentation
- Generate and validate high-quality training and evaluation data for AI systems
- Apply your real-world GRC experience to identify nuanced reasoning errors in AI outputs
- Provide structured, precise written feedback using defined evaluation guidelines
Who You Are
- 2+ years of hands-on experience in GRC, compliance, risk management, or information security
- Solid familiarity with one or more major frameworks: SOC 2, ISO 27001, NIST CSF, PCI-DSS, or similar
- Comfortable reading and critically interpreting policy documents, audit reports, and control frameworks
- Detail-oriented with strong written reasoning and analytical communication skills
- Self-motivated and able to work independently on asynchronous, task-based assignments
Nice to Have
- Experience with data annotation, quality assurance, or AI evaluation workflows
- Background in internal audit, third-party risk, or security consulting
- Familiarity with GRC platforms or risk management tooling
Why Join Us
- Work directly on frontier AI projects with leading AI research labs
- Fully remote and flexible — work on your schedule, at your own pace
- Freelance perks: autonomy, variety, and global collaboration
- Contribute to meaningful work that shapes how AI reasons about real-world risk and compliance
- Potential for ongoing work and contract extension
Key skills/competency
- Governance Risk and Compliance Analyst
- GRC
- Risk Management
- Compliance
- Information Security
- SOC 2
- ISO 27001
- NIST
- AI Training Data
- Policy Analysis
Skills & topics
- Governance Risk and Compliance Analyst
- GRC
- Risk Management
- Compliance
- Information Security
- SOC 2
- ISO 27001
- NIST
- AI Training
- Policy Analysis
- Data Annotation
- Quality Assurance
- Remote
- Contract
How to get hired
- Tailor your resume: Highlight your GRC, compliance, risk, and information security experience. Emphasize familiarity with frameworks like SOC 2, ISO 27001, and NIST.
- Showcase AI evaluation skills: If you have data annotation or AI evaluation experience, feature it prominently. Detail your ability to identify reasoning errors.
- Demonstrate independent work ethic: Provide examples of your self-motivation and ability to complete asynchronous, task-based assignments effectively.
- Address the 'nice-to-haves': If applicable, mention your experience with GRC platforms, risk management tooling, internal audit, or consulting.
Technical preparation
Study SOC 2, ISO 27001, NIST frameworks.,Practice analyzing policy documents and audit reports.,Familiarize with AI evaluation and data annotation.,Understand GRC platforms and risk tooling.
Behavioral questions
Describe a complex GRC scenario you handled.,How do you ensure accuracy in policy analysis?,Provide an example of critical interpretation.,How do you manage asynchronous, independent tasks?
Frequently asked questions
- What is the primary responsibility of a Governance Risk and Compliance Analyst at Alignerr?
- The primary responsibility of a Governance Risk and Compliance Analyst at Alignerr is to evaluate and improve AI systems by applying real-world GRC expertise to security, compliance, and risk scenarios, directly influencing how AI understands these domains.
- What GRC frameworks are most relevant for the Governance Risk and Compliance Analyst role at Alignerr?
- Solid familiarity with one or more major frameworks such as SOC 2, ISO 27001, NIST CSF, or PCI-DSS is highly relevant for the Governance Risk and Compliance Analyst role at Alignerr.
- Is this a remote position for the Governance Risk and Compliance Analyst at Alignerr?
- Yes, the Governance Risk and Compliance Analyst position at Alignerr is fully remote, offering flexibility in work schedule and location.
- What kind of AI projects will a Governance Risk and Compliance Analyst work on at Alignerr?
- A Governance Risk and Compliance Analyst at Alignerr will work directly on frontier AI projects, helping to train and evaluate AI systems that process real-world security, compliance, and risk scenarios.
- What are the minimum experience requirements for the Governance Risk and Compliance Analyst role at Alignerr?
- The minimum experience requirement for the Governance Risk and Compliance Analyst role at Alignerr is 2+ years of hands-on experience in GRC, compliance, risk management, or information security.
- How does Alignerr leverage GRC expertise in AI training?
- Alignerr leverages GRC expertise by having analysts review and evaluate AI outputs related to security, compliance, and risk. This helps identify nuanced reasoning errors and ensures AI systems align with governance frameworks and control environments.
- What type of work commitment is expected for the Governance Risk and Compliance Analyst at Alignerr?
- The commitment for the Governance Risk and Compliance Analyst at Alignerr is hourly, ranging from 10 to 40 hours per week, allowing for flexible, task-based assignments.