American Red Cross
IT Governance, Risk and Compliance Analyst
American Red Cross, Providence, Rhode Island, us, 02912
Job Description
By joining the American Red Cross you will touch millions of lives every year and experience the greatness of the human spirit at its best. Are you ready to be part of the world’s largest humanitarian network?
Join us – where your career is a force for good!
WHAT YOU NEED TO KNOW ABOUT THE JOB As an IT GRC Analyst, you will help mature and maintain the organization’s Governance, Risk, and Compliance (GRC) program. Your focus will be control assessment by evaluating, reviewing, tracking, and supporting policies and controls aligned with NIST 800-53/171, COBIT, ISO 27001, and SOC 2 frameworks. This role works cross‑functionally with IT, Information Security, Internal Audit, Legal, and Finance to assess risks, improve processes, and support audit readiness. The position is virtual and requires east‑coast hours, starting at 8 a.m.
Key Responsibilities
Governance, Risk & Compliance – Support daily GRC operations, policy development, and audit readiness.
Collaborate with stakeholders to strengthen internal controls and ensure compliance with federal regulations and industry standards.
Promote control awareness and accountability through training and consultation.
Maintain GRC tools (e.g., ServiceNow IRM) and stay current on technology trends.
Control Assessment
Evaluate IT control effectiveness across infrastructure, applications, and cloud environments.
Review documentation, identify gaps, and recommend improvements.
Track and report control findings, risks, and remediation plans.
Support exception and risk acceptance processes.
Audit Support
Coordinate with internal and external auditors and business units during assessments.
Provide consulting and first‑level support for audit activities and findings.
Assist in developing and executing remediation strategies.
Policy & Standards
Assist in drafting, reviewing, and implementing IT policies, standards, and procedures.
Analyze regulatory requirements and recommend updates to improve compliance.
WHAT YOU NEED TO SUCCEED (required/minimum qualifications)
Bachelor’s degree in Information Technology, Cybersecurity, Information Systems, or a closely related discipline.
Minimum 4 years of experience in IT audit, compliance, or Information Security.
Strong understanding of control frameworks: NIST, ISO, COBIT, FedRAMP, SOC 2.
Experience with control assessments, documentation review, audit coordination, and utilizing ServiceNow IRM.
Skilled in drafting and reviewing IT policies, standards and procedures.
Strong communication, analytical, and project management skills.
Experience working cross‑functionally with technical and business teams.
Familiarity with SAFe Agile or similar iterative delivery frameworks.
Certifications such as CISA, CRISC, CISSP, CISM are a plus.
Combination of education and general experience satisfies requirements; management experience cannot be substituted.
PAY INFORMATION
The annual salary range for this position is $90 K – $110 K.
We do not offer an annual bonus for this role.
Salary is aligned to the geographic location in which the work is primarily performed.
Other factors that may be used to determine your actual salary include your specific skills, how many years of experience you have, and comparison to other employees in this role.
We will review specific salary information at the time of phone screening based upon your location & experience.
This job will be posted for a minimum of five business days and extended if the applicant pool needs to be expanded.
BENEFITS FOR YOU
Medical, Dental, Vision plans
Health Spending Accounts & Flexible Spending Accounts
PTO: Starting at 19 days a year; based on type of job and tenure
Holidays: 11 paid holidays, including six core holidays and five floating holidays
401(k) with up to 6% match
Paid Family Leave
Employee Assistance
Short and Long Term Disability and Insurance
Service Awards and recognition
Qualified candidates must be authorized to work in the United States. The American Red Cross does not sponsor employment visas.
The American Red Cross is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers, San Diego Fair Chance Ordinance, the California Fair Chance Act, and any other applicable state and local laws.
To view the EEOC Summary of Rights, click here: Summary of Rights
#J-18808-Ljbffr
Join us – where your career is a force for good!
WHAT YOU NEED TO KNOW ABOUT THE JOB As an IT GRC Analyst, you will help mature and maintain the organization’s Governance, Risk, and Compliance (GRC) program. Your focus will be control assessment by evaluating, reviewing, tracking, and supporting policies and controls aligned with NIST 800-53/171, COBIT, ISO 27001, and SOC 2 frameworks. This role works cross‑functionally with IT, Information Security, Internal Audit, Legal, and Finance to assess risks, improve processes, and support audit readiness. The position is virtual and requires east‑coast hours, starting at 8 a.m.
Key Responsibilities
Governance, Risk & Compliance – Support daily GRC operations, policy development, and audit readiness.
Collaborate with stakeholders to strengthen internal controls and ensure compliance with federal regulations and industry standards.
Promote control awareness and accountability through training and consultation.
Maintain GRC tools (e.g., ServiceNow IRM) and stay current on technology trends.
Control Assessment
Evaluate IT control effectiveness across infrastructure, applications, and cloud environments.
Review documentation, identify gaps, and recommend improvements.
Track and report control findings, risks, and remediation plans.
Support exception and risk acceptance processes.
Audit Support
Coordinate with internal and external auditors and business units during assessments.
Provide consulting and first‑level support for audit activities and findings.
Assist in developing and executing remediation strategies.
Policy & Standards
Assist in drafting, reviewing, and implementing IT policies, standards, and procedures.
Analyze regulatory requirements and recommend updates to improve compliance.
WHAT YOU NEED TO SUCCEED (required/minimum qualifications)
Bachelor’s degree in Information Technology, Cybersecurity, Information Systems, or a closely related discipline.
Minimum 4 years of experience in IT audit, compliance, or Information Security.
Strong understanding of control frameworks: NIST, ISO, COBIT, FedRAMP, SOC 2.
Experience with control assessments, documentation review, audit coordination, and utilizing ServiceNow IRM.
Skilled in drafting and reviewing IT policies, standards and procedures.
Strong communication, analytical, and project management skills.
Experience working cross‑functionally with technical and business teams.
Familiarity with SAFe Agile or similar iterative delivery frameworks.
Certifications such as CISA, CRISC, CISSP, CISM are a plus.
Combination of education and general experience satisfies requirements; management experience cannot be substituted.
PAY INFORMATION
The annual salary range for this position is $90 K – $110 K.
We do not offer an annual bonus for this role.
Salary is aligned to the geographic location in which the work is primarily performed.
Other factors that may be used to determine your actual salary include your specific skills, how many years of experience you have, and comparison to other employees in this role.
We will review specific salary information at the time of phone screening based upon your location & experience.
This job will be posted for a minimum of five business days and extended if the applicant pool needs to be expanded.
BENEFITS FOR YOU
Medical, Dental, Vision plans
Health Spending Accounts & Flexible Spending Accounts
PTO: Starting at 19 days a year; based on type of job and tenure
Holidays: 11 paid holidays, including six core holidays and five floating holidays
401(k) with up to 6% match
Paid Family Leave
Employee Assistance
Short and Long Term Disability and Insurance
Service Awards and recognition
Qualified candidates must be authorized to work in the United States. The American Red Cross does not sponsor employment visas.
The American Red Cross is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers, San Diego Fair Chance Ordinance, the California Fair Chance Act, and any other applicable state and local laws.
To view the EEOC Summary of Rights, click here: Summary of Rights
#J-18808-Ljbffr