Jr. Cybersecurity GRC Analyst

• Duration: 6 month contract, only through EOY
• Work schedule: M-F / 8-5

Must-Haves

• Foundational knowledge of cybersecurity governance, risk, and compliance (GRC)
• Experience or exposure to risk assessments and remediation tracking
• Strong documentation and organizational skills
• Understanding of compliance frameworks (NIST CSF, ISO 27001, PCI DSS)
• Ability to support audit preparation and evidence collection
• Experience maintaining risk registers, issue logs, and tracking tools
• Strong communication skills for cross-team collaboration

Plusses

• Exposure to vendor/third-party risk assessments
• Experience with application or software security reviews
• Familiarity with security awareness initiatives (training campaigns, phishing simulations)
• Experience tracking and reporting GRC metrics
• Prior internship or entry-level cybersecurity experience

Day-to-Day

• Assist in conducting cybersecurity risk assessments and documenting findings
• Track remediation activities and follow up on risk mitigation efforts
• Support software/application security reviews by collecting and validating data
• Maintain and update risk registers, issue logs, and tracking systems
• Assist with vendor risk assessments, including questionnaire reviews and evidence gathering
• Support compliance monitoring across frameworks (NIST, ISO, PCI)
• Prepare and organize audit documentation for internal and external audits
• Contribute to policy and standards documentation updates
• Support cybersecurity awareness initiatives and metrics tracking
• Follow intake and assessment workflows to ensure audit readiness and consistency

Job Description

Insight Global is seeking a Junior Cybersecurity GRC Analyst for a leading organization in the cybersecurity and risk management space. This entry-level role is ideal for candidates looking to build a strong foundation in governance, risk, and compliance. The individual will play a key role in supporting risk assessments, maintaining documentation, and assisting with compliance and audit activities. This position offers exposure to a variety of GRC functions, including vendor risk, policy development, and security awareness programs, while working alongside experienced professionals in a collaborative environment.