Information Security GRC Analyst
Ascend Technologies · Little Rock, AR
- On site
- Full-time
- $75,000 / year
- Little Rock, AR
Job highlights
- Support clients in GRC program development.
- Conduct risk assessments and gap analyses.
- Develop risk registers and remediation plans.
- Assist with third-party vendor risk.
- Collaborate on client-facing reports and audits.
About the role
Information Security GRC Analyst
Ascend Technologies is seeking a motivated and detail-oriented Information Security GRC Analyst to join our growing cybersecurity practice. In this fully remote role, you will support clients in building and maturing their governance, risk, and compliance programs, helping them navigate complex regulatory landscapes and reduce cyber risk. This is an excellent opportunity for early-career professionals looking to develop deep expertise across GRC frameworks, security controls, and client advisory work.
Responsibilities
- Assist in the development, implementation, and assessment of information security policies, standards, and procedures aligned to industry frameworks and regulatory compliance (HIPAA, SEC, FTC, NIST CSF, ISO 27001, SOC 2, CMMC, etc.).
- Assist with risk assessments, gap analyses, and control evaluations across multiple client engagements simultaneously across various industries.
- Participate in the development of risk registers, risk treatment plans, and remediation roadmaps.
- Assist with third-party/vendor risk assessments and due diligence activities.
- Document findings, prepare client-facing reports, and contribute to presentations and deliverables.
- Support audit readiness activities and facilitate evidence collection for audits and assessments.
- Stay current on emerging threats, regulatory changes, and evolving GRC best practices.
- Collaborate with GRC consultants and vCISOs to deliver engagements on time and within scope.
- Support the configuration, data entry, and maintenance of GRC tooling and platforms used to manage client compliance programs.
- Other responsibilities as assigned by management.
Minimum Skills, Education, and Experience
- 1–2 years of experience in GRC, cybersecurity, IT audit, or a related discipline.
- Foundational knowledge of security frameworks such as NIST CSF, ISO 27001, or CIS Controls.
- Strong written and verbal communication skills, with the ability to convey technical concepts to non-technical audiences.
- Ability to manage multiple tasks and deadlines in a fast-paced, client-driven environment.
- Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint).
- Strong analytical skills and attention to detail.
- Strong problem-solving and critical-thinking abilities.
- Ability to manage multiple engagements and deadlines.
- Collaborative, customer-centric mindset.
- High integrity and commitment to confidentiality.
Preferred Skills, Education, and Experience
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Business, or a related field.
- Relevant certifications or progress toward: CompTIA Security+, CISA, CRISC, or GRC Professional.
- Familiarity with GRC platforms such as Apptega, StandardFusion, or ControlMap.
- Experience with cloud environments (AWS, Azure, GCP) and associated compliance considerations.
- Experience with security awareness training platforms (KnowBe4, InfoSec IQ).
Compensation
Starting Compensation Range: $65,000 per year. The salary for this position is commensurate with experience, skills, and qualifications. The range is intended to reflect our commitment to attracting top talent, and the final offer will be based on factors including, but not limited to, the candidate's previous experience, expertise in the field, relevant certifications, and the specific requirements of the role. In addition, internal equity, market trends, and geographic location may also influence the final salary.
Diversity and Inclusion
At Ascend Technologies, we firmly believe that diversity, equity, and inclusion are not only fundamental values but also powerful drivers of innovation, growth, and success. We are committed to fostering an environment where every individual feels valued, respected, and empowered.
Core Values
We are seeking highly motivated individuals who have the willingness and ability to demonstrate Ascend core values:
- Committed to Client Success: Our actions and our words always align with the best interest of the client.
- One Team: We work collaboratively to overcome challenges with humility and respect and do what it takes to find innovative solutions.
- Integrity: We are unquestionably committed to doing the right thing even when it is hard.
- Accountability: We hold ourselves and each other accountable for keeping our commitments to our clients, our communities, and one another.
- Transparency: We create open lines of communication with each other and our clients, fostering relationships founded on candor and trust.
Physical Demands
Must be able to sit, stand, and bend for the duration of shift. The position is mainly sitting, with occasional lifting up to 50 lbs, such as laptop, server equipment, and, driving to the work site to meet with client(s).
Key skills/competency
- Information Security
- GRC
- Cybersecurity
- Risk Assessment
- Compliance
- NIST CSF
- ISO 27001
- SOC 2
- IT Audit
- Client Advisory
Skills & topics
- Information Security
- GRC
- Cybersecurity
- Risk Management
- Compliance
- IT Audit
- NIST CSF
- ISO 27001
- SOC 2
- Analyst
- Remote
- Client Advisory
How to get hired
- Tailor your resume: Highlight GRC, cybersecurity, and IT audit experience. Quantify achievements.
- Showcase framework knowledge: Emphasize familiarity with NIST CSF, ISO 27001, or CIS Controls.
- Demonstrate client skills: Detail experience in communication and managing multiple client engagements.
- Prepare for behavioral questions: Reflect on Ascend's core values like integrity and client success.
- Highlight relevant certifications: Mention CompTIA Security+, CISA, or CRISC if applicable.
Technical preparation
Behavioral questions
Frequently asked questions
- What are the key responsibilities for an Information Security GRC Analyst at Ascend Technologies?
- The Information Security GRC Analyst at Ascend Technologies will assist clients in developing and maturing their governance, risk, and compliance programs. This includes supporting policy development, conducting risk assessments, evaluating controls, managing third-party risks, preparing reports, and facilitating audit readiness.
- What experience is required for the Information Security GRC Analyst role?
- A minimum of 1-2 years of experience in GRC, cybersecurity, IT audit, or a related discipline is required. Foundational knowledge of security frameworks like NIST CSF or ISO 27001 is also essential.
- What are Ascend Technologies' core values for potential hires?
- Ascend Technologies values individuals who are committed to client success, operate as 'One Team' collaboratively, demonstrate integrity, hold themselves accountable, and foster transparency in all communications.
- Is the Information Security GRC Analyst position remote?
- Yes, this is a fully remote position, offering flexibility for candidates across different locations.
- What is the salary range for the Information Security GRC Analyst position?
- The starting compensation range for this role is $65,000 per year, with the final salary determined by experience, skills, qualifications, internal equity, market trends, and geographic location.
- What preferred qualifications would make a candidate stand out for the Information Security GRC Analyst role?
- Preferred qualifications include a Bachelor's degree in a related field, relevant certifications such as CompTIA Security+, CISA, or CRISC, familiarity with GRC platforms, and experience with cloud environments or security awareness training tools.
- How does Ascend Technologies approach diversity, equity, and inclusion?
- Ascend Technologies is committed to fostering an environment where every individual feels valued, respected, and empowered, viewing DEI as a driver of innovation, growth, and success.