Aqueduct Technologies, Inc.

GRC Analyst

Aqueduct Technologies, Inc.

full-time

Posted on:

Location Type: Hybrid

Location: CantonMassachusettsUnited States

Visit company website

Explore more

AI Apply
Apply

About the role

  • Support and progressively lead client compliance engagements
  • Contribute to the development of Aqueduct’s GRC service offerings
  • Assist with internal compliance initiatives and audit readiness activities
  • Support and conduct readiness assessments aligned to frameworks such as NIST CSF, ISO 27001, SOC 2, HIPAA, PCI DSS, and CMMC
  • Identify control gaps and provide practical, risk based remediation recommendations
  • Perform organizational risk assessments and document risk findings
  • Evaluate control effectiveness and recommend mitigation strategies aligned with business objectives
  • Conduct vendor risk assessments and due diligence reviews
  • Prepare clear, structured reports summarizing findings, risks, and recommended actions
  • Work closely with security operations, engineering, and account teams to align GRC initiatives

Requirements

  • 3 or more years of experience in information security with exposure to GRC functions
  • Experience supporting or conducting assessments across one or more major frameworks such as NIST CSF, ISO 27001, SOC 2, HIPAA, PCI DSS, or CMMC
  • Working knowledge of risk assessment methodologies
  • Familiarity with third party risk management concepts and processes
  • Foundational understanding of Zero Trust principles and modern security architecture concepts
  • Experience in consulting, advisory, or managed services environments preferred
  • One or more of the following certifications is preferred but not required: CISA, CISM, CRISC, CISSP, CCSP
Benefits
  • Professional development
  • Ability to work in a hybrid model in the Canton, MA area
  • Willingness to travel locally for client engagements as needed
  • Clear path toward Senior GRC Consultant responsibilities
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
risk assessmentcompliance assessmentscontrol effectiveness evaluationremediation recommendationsvendor risk assessmentsaudit readinessreport writingGRC service developmentrisk management methodologiesZero Trust principles
Soft Skills
leadershipcommunicationorganizational skillscollaborationanalytical thinkingproblem-solvingattention to detailclient engagementstructured reportingadvisory skills
Certifications
CISACISMCRISCCISSPCCSP