GRC Support- Hybrid | Houston, TX

H

HJ Staffing

GRC Support- Hybrid | Houston, TX

Houston, TX
Full Time
Paid
  • Responsibilities

    We are seeking a hands-on GRC Analyst to support a mission-driven healthcare organization. In this role, you will be the "boots on the ground" for risk assessments, risk register management, and day-to-day GRC operations.

    If you are a self-starter who can hit the ground running with minimal ramp-up time, this is an excellent opportunity to manage high-impact compliance and security initiatives in a fast-paced clinical environment.

    Key Responsibilities

    • Risk Assessments: Conduct comprehensive vendor and application risk assessments, including evaluations of emerging technologies.
    • Risk Register Management: Maintain and update the organizational risk register, including rigorous analysis, documentation, and evidence tracking.
    • GRC Operations: Manage the intake process, coordinate documentation, and handle follow-ups to ensure operational continuity.
    • Governance & DLP: Assist with broader governance initiatives and provide support for the Data Loss Prevention (DLP) program.
    • Compliance: Ensure all activities align with HIPAA and other relevant healthcare regulatory requirements.
    • Reporting: Prepare clear, actionable reports and dashboards for key stakeholders.

    Requirements

    • Experience: 3–5 years of dedicated experience in GRC, IT Risk, or Compliance.
    • Technical Proficiency: Strong understanding of IT/Security controls and experience with GRC tools (e.g., Archer, ServiceNow, OneTrust, ZenGRC).
    • Healthcare Knowledge: Deep familiarity with HIPAA and healthcare-specific compliance challenges.
    • Execution: Proven ability to manage a risk register and conduct assessments independently.
    • Logistics: Ability to work onsite in the Bellaire area every Tuesday.

    Preferred Qualifications

    • Industry Background: Prior experience specifically within a hospital or healthcare provider system.
    • Frameworks: Working knowledge of NIST, ISO 27001, or SOC 2.
    • Certifications: CISA, CRISC, or CISSP are highly desirable.

    Why Apply?

    • Impact: Support a healthcare organization dedicated to patient care during a vital transition period.
    • Flexibility: Enjoy a hybrid schedule with only one required day in the office per week.
    • Focus: Direct involvement in high-level risk and compliance strategy.