Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Aqueduct Technologies, Inc.

GRC Analyst

Aqueduct Technologies, Inc.

GRC Analyst in Governance, Risk, and Compliance team designing and executing security programs. Working directly with clients to improve their security and compliance protocols.

Posted 4/12/2026full-timeCanton • Massachusetts • 🇺🇸 United StatesMid-LevelSeniorWebsite

About the role

Key responsibilities & impact
  • Support and progressively lead client compliance engagements
  • Contribute to the development of Aqueduct’s GRC service offerings
  • Assist with internal compliance initiatives and audit readiness activities
  • Support and conduct readiness assessments aligned to frameworks such as NIST CSF, ISO 27001, SOC 2, HIPAA, PCI DSS, and CMMC
  • Identify control gaps and provide practical, risk based remediation recommendations
  • Perform organizational risk assessments and document risk findings
  • Evaluate control effectiveness and recommend mitigation strategies aligned with business objectives
  • Conduct vendor risk assessments and due diligence reviews
  • Prepare clear, structured reports summarizing findings, risks, and recommended actions
  • Work closely with security operations, engineering, and account teams to align GRC initiatives

Requirements

What you’ll need
  • 3 or more years of experience in information security with exposure to GRC functions
  • Experience supporting or conducting assessments across one or more major frameworks such as NIST CSF, ISO 27001, SOC 2, HIPAA, PCI DSS, or CMMC
  • Working knowledge of risk assessment methodologies
  • Familiarity with third party risk management concepts and processes
  • Foundational understanding of Zero Trust principles and modern security architecture concepts
  • Experience in consulting, advisory, or managed services environments preferred
  • One or more of the following certifications is preferred but not required: CISA, CISM, CRISC, CISSP, CCSP

Benefits

Comp & perks
  • Professional development
  • Ability to work in a hybrid model in the Canton, MA area
  • Willingness to travel locally for client engagements as needed
  • Clear path toward Senior GRC Consultant responsibilities

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
risk assessmentcompliance assessmentscontrol effectiveness evaluationremediation recommendationsvendor risk assessmentsaudit readinessreport writingGRC service developmentrisk management methodologiesZero Trust principles
Soft Skills
leadershipcommunicationorganizational skillscollaborationanalytical thinkingproblem-solvingattention to detailclient engagementstructured reportingadvisory skills
Certifications
CISACISMCRISCCISSPCCSP