AEG

GRC Analyst - Temp

AEG, Los Angeles, California, United States, 90079

Overview

GRC Analyst - Temp role at AEG. The GRC Analyst will support the continued evolution of AEG's Governance, Risk & Compliance program with a focus on maturing the Enterprise Risk Management (ERM) function.

Responsibilities

Maintain the enterprise risk register; support cross-business risk workshops; document risks, causes, and controls; help track inherent vs. residual risk and remediation progress.
Configure and maintain risk fields in the GRC platform (e.g., Archer, ServiceNow GRC, OneTrust, LogicGate); manage risk data stewardship & taxonomy; map risks to policies/standards and controls; attach evidence and test results for audit readiness.
Lead remediation tasks in the GRC workflow; assign owners, set SLAs, monitor burn down and deltas; surface trends on heatmaps.
Develop reports, metrics, and dashboards; translate risks into leading indicators (KRIs); prepare materials for quarterly Risk Committee meetings; maintain audit-ready evidence library mapped to controls/risk.
Plan and execute compliance assessments (NIST CSF/800-53, ISO 27001, PCI-DSS); build assessment plans, define scope, and collect evidence; maintain policies/standards and support audits with evidence collection.
Partner with IT Vendor Management to integrate vendor risks; assist with project/system risk reviews to embed compliance and security requirements.
Lead GRC platform updates, workflows, data integrity, and dashboard maintenance.
Collaborate with the SATE Program Manager to create awareness materials and micro-learnings translating enterprise risks and control gaps into training initiatives.

Required Qualifications

BA/BS Degree (4-year) in Information Security, Computer Science, Business, Risk Management, or related field; or equivalent related work experience.
2-4 years experience in GRC, compliance, or risk-related roles, ideally in complex/global environments.
Experience supporting a risk register, compliance assessments, and audits.
Familiarity with ERM concepts (risk taxonomy, appetite/tolerance, inherent/residual risk).
Working knowledge of compliance frameworks (NIST, ISO 27001, PCI-DSS, GDPR/CPRA).
Ability to analyze and present risk/control data in business-friendly terms.
Proficiency with GRC platforms (Archer, ServiceNow GRC, OneTrust, LogicGate) and Microsoft O365.
Strong written/verbal communication; able to collaborate across functions.
Highly organized, self-starter, able to manage competing priorities across regions and time zones.
Certifications: CISSP highly preferred; CISM and CISA preferred but not required; CompTIA Security+ a plus.

Pay Scale

$95,000 - 110,000

Bonus

This position is not eligible for a bonus under the current bonus plan requirements.

Benefits

Full-time: We offer a comprehensive benefits package that includes medical, dental and vision insurance, paid holidays, vacation and sick time, company paid basic life insurance, voluntary life insurance, parental leave, 401k Plan (with current employer match of 3%), flexible spending and health savings account options, and wellness offerings.

Employment terms

AEG reserves the right to change or modify the employee’s job description at any time during the employment relationship. AEG may require an employee to perform duties outside their normal description. AEG is an equal opportunity employer and will not discriminate against any individual on the basis of race, color, marital status, religion, age, sex, sexual orientation, national origin, or any other legally protected status recognized by federal, state or local law. For more information about opportunities, refer to the location and job postings section as applicable.