IT Risk Analyst (GRC)

M

MCPC

IT Risk Analyst (GRC)

Cleveland, OH
Full Time
Paid
  • Responsibilities

    Job Title: Governance, Risk, and Compliance (GRC) Analyst

     

    Employment Type: Contract-to-Hire

    *Must have at least 3 years - GRC Experience*

    Overview

    MCPC is seeking a skilled Governance, Risk, and Compliance (GRC) Analyst to support one of our valued clients in strengthening their data protection and risk management posture. This role will focus on implementing and maintaining governance frameworks, data classification standards, and Data Loss Prevention (DLP) controls. The ideal candidate will work closely with client stakeholders to ensure sensitive data is properly secured and aligned with organizational and regulatory standards.

     

    Key Responsibilities

    Governance & Policy Support

    • Assist in developing and implementing governance frameworks related to data access, classification, and DLP for the client.
    • Collaborate with client departments to ensure alignment with internal security policies and risk management practices.
    • Monitor governance activities and report on compliance metrics.
    • Support the creation of training materials to promote awareness of governance and cybersecurity policies.

    Data Protection & DLP Implementation

    • Design and maintain data classification and access control frameworks in coordination with client IT and security teams.
    • Deploy and manage DLP solutions to prevent unauthorized data access or exfiltration.
    • Conduct audits and assessments to ensure compliance with data protection policies.
    • Partner with data owners and technical teams to identify and mitigate risks related to data access and leakage.

    Cross-Functional Collaboration

    • Work alongside client legal, HR, IT, and compliance teams to ensure a unified approach to governance and data protection.
    • Participate in client-led initiatives to enhance their overall security posture.
    • Stay informed on emerging technologies and trends to recommend improvements to client strategies.

     

    Qualifications

    • Bachelor’s degree in Information Technology, Risk Management, Business Administration, or related field—or equivalent experience.
    • Minimum of 3 years of experience in GRC, data classification, or technology risk management.
    • Hands-on experience with DLP tools and technologies.
    • Industry certifications such as Security+, CC, or CDPSE are a plus.

     

    Core Competencies

    • Strong communication skills to bridge technical and non-technical audiences.
    • High ethical standards and commitment to confidentiality.
    • Self-driven and capable of working independently in dynamic environments.
    • Solid understanding of IT infrastructure and cybersecurity best practices.
    • Passion for continuous learning and professional development in the GRC space.