Governance, Risk Management, and Compliance (GRC) Associate

SUMMARY

The Cybersecurity GRC Associate will play a key role in strengthening the security posture of a growing Alternative Investments firm. This earlycareer opportunity is perfect for a sharp writer natural organizer and clear thinker who can cut through complexity to drive real risk reduction. Youll execute critical GRC activities craft strong policies translate technical requirements into practical guidance and lead projects with minimal oversight. Highly collaborative and actiondriven youll work closely with internal teams and external partners to maintain security standards assess risks support incident readiness and help the business move faster and smarter.

As an onsite/hybrid employee you are expected to be in the Chicago office on Tuesdays Wednesdays and Thursday.

KEY RESPONSIBLITIES

Governance

• Support the creation and maintenance of cybersecurity policies standards and procedures.
• Align governance practices with frameworks such as NIST CSF and CIS Controls.
• Participate in policy reviews steering committees and control effectiveness assessments.
• Deliver cybersecurity awareness training and track engagement metrics.
• Maintain GRC platforms for policy management issue tracking and reporting.

Risk Management

• Assist in identifying assessing and mitigating cybersecurity risks across internal operations.
• Conduct risk assessments business impact analyses and support remediation planning.
• Perform vendor risk reviews including SOC report analysis and contract assessments.
• Contribute to incident response planning DR/BC testing and postincident analysis.
• Help enhance and automate risk workflows using GRC tools and data.

Compliance

• Support compliance with cybersecurity laws and standards (e.g. GDPR SOX DORA).
• Assist with audits by gathering evidence responding to inquiries and tracking remediation.
• Monitor and maintain controls for data protection and compliance reporting.
• Respond to RFPs DDQs and client security requests with accurate information.
• Track regulatory changes and update compliance documentation as needed.

EDUCATION SKILLS AND EXPERIENCE REQUIREMENTS

The ideal experience and critical competencies for this role include the following:

• Bachelors degree in Cybersecurity Information Systems or a related field.
• Foundational knowledge of cybersecurity risk management and frameworks.
• Experience in cybersecurity IT audit GRC or compliance with exposure to governance tools.
• Strong attention to detail analytical thinking and effective communication skills.
• Comfortable working with both technical and business teams.
• Preferred certifications: CompTIA Security ISC2 CC GRCA.

OUR CULTURE

Technology security and risk management play a critical role at GCM Grosvenor enabling our team members to make timely datadriven and riskaware decisions in support of our clients. As stewards of $80B in assets we prioritize building secure resilient systems. Now is an exciting time to join the firm and the Alts industry as a cybersecurity and GRC leader helping to safeguard a rapidly digitizing environment and enabling the safe adoption of transformative technologies including AIdriven solutions.

We are not afraid to think differently. We embrace new ideas welcome change and believe security and compliance are enablers of innovation; not barriers. Our culture is one of empowerment accountability high performance transparency and trust. Successful team members are selfmotivated proactive risk managers who thrive in a fastpaced environment alongside thoughtful smart colleagues. We look for natural collaborators who can cut through complexity build trust across the organization and turn information into meaningful actionable outcomes that protect and strengthen the business.

Our cloudfirst environment hosted in AWS and Azure requires a modern agile approach to cybersecurity and risk management. As a GRC Associate youll help embed security compliance and resilience into our technology and business processes. Working alongside engineering and business teams youll support policy development risk assessments incident readiness and control testing bringing a practical actiondriven mindset to a highly collaborative fastpaced environment.

It is expected that the annual base salary range for this Chicagobased position will be $90000 $110000. Actual base salary may vary based on factors such as individuals experience skills and qualifications for the role. Employees may be eligible for a discretionary bonus based on factors such as individual team and company performance as well as a comprehensive benefits package.

ABOUT THE FIRM

GCM Grosvenor (Nasdaq: GCMG) is a global alternative asset management solutions provider with approximately $82 billion in assets under management across private equity infrastructure real estate credit and absolute return investment strategies.

The firm has specialized in alternatives for more than 53 years and has a diverse engaged team of approximately 550 professionals serving a global client base. We are proud to offer our employees a comprehensive benefits package focused on health and wellness retirement planning and diversity and inclusion. The firm is headquartered in Chicago with offices in New York Toronto London Frankfurt Tokyo Hong Kong Seoul and Sydney. For more information visit:.

EQUAL OPPORTUNITY EMPLOYER M/F/D/V