Risk Compliance Analyst Visa Sponsorship Jobs in Texas

Job Summary

The Governance Risk & Compliance (GRC) Analyst will play a crucial role in supporting the development, implementation, and maintenance of our cybersecurity program. They will work closely with the Program Manager to identify security risks, develop mitigation strategies, and ensure compliance with industry standards and regulations. This position is ideal for a detail-oriented professional with a deep understanding of cybersecurity principles and best practices.

Essential Functions of the Role

• Coordinate audit response activities, gather evidence, track remediation progress, and ensure timely closure of findings
• Support cybersecurity compliance efforts across frameworks such as NIST, ISO 27001, SOC 2, and PCI
• Collect, organize, analyze, and report cybersecurity KPIs and KRIs to support risk based decision making
• Support planning, execution, and monitoring of cybersecurity and GRC projects and initiatives
• Identify and escalate requests that do not comply with security policies, standards, or control requirements
• Support Third Party Risk Management (TPRM) activities, including vendor assessments and evidence review as needed
• Collaborate cross functionally with IT, security, legal, procurement, and business teams to address governance and compliance needs
• Assist in maintaining and updating security policies, standards, and procedures
• Support risk assessments and document identified risks, control gaps, and recommend remediation
• Track and manage security exceptions, corrective action plans, and risk acceptances
• Prepare governance, risk, and compliance reports for leadership and stakeholders
• Perform other related duties as appropriate and as assigned

Key Success Factors

• Strong analytical, leadership, and problem solving skills
• Effective project coordination abilities with the capacity to translate business needs into actionable requirements
• Excellent written and verbal communication skills for engaging technical and non technical stakeholders
• Understanding of healthcare regulations and Payment Card Industry (PCI) requirements
• Ability to work independently while collaborating effectively within cross functional teams
• Knowledge of cybersecurity frameworks and risk assessment methodologies
• Strong understanding of healthcare technology environments, including EHR systems, clinical devices, and PHI handling
• Experience with cybersecurity frameworks such as NIST CSF 2.0, HITRUST, and CIS Controls
• Industry certifications such as CISSP, CISM, CRISC, HCISPP, HITRUST CCSFP, or similar credentials are strongly preferred

Qualifications

• Bachelor's degree (preferably in Information Security, Information Technology, Computer Science, or a related field) or 4 years of work experience above the minimum qualification. Preferably in
• 8 Years of Experience