GRC Analyst I

Position Summary

The Governance Risk and Compliance Analyst I is an opportunity to be part of the shift from traditional auditdriven compliance to a more proactive riskinformed way of this role youll partner with teams across VGM to support governance identify and track risk early and help ensure we meet our regulatory and accreditation obligationsso work can move forward with clarity consistency and fewer surprises.

This position is designed for individuals eager to build foundational experience in GRC across a variety of business units and regulatory environments. The Analyst will assist in maintaining internal controls supporting risk assessments and promoting compliance with applicable laws standards and ethical practices. This role is collaborative cross-functional and essential to fostering a culture of integrity and accountability across the enterprise.

Key Responsibilities

• Provide governance oversight for emerging technologies including Artificial Intelligence (AI) ensuring adherence to organizational policies and ethical standards.
• Assist in the development review and maintenance of internal policies and procedures.
• Support governance committees and working groups by preparing materials and documenting outcomes.
• Help ensure organizational policies remain current and aligned with business objectives and ethical standards.
• Contribute to initiatives around emerging governance topics such as AI ethics or data governance.
• Participate in enterprise risk assessments and help maintain the organizations risk register
• Support third-party risk management activities including vendor due diligence and monitoring.
• Track remediation efforts related to identified risks or audit findings.
• Collaborate with business units to identify and mitigate operational and strategic risks.
• Monitor changes in laws regulations and standards that may impact the organization.
• Assist in preparing for internal and external audits by collecting evidence and maintaining documentation.
• Help ensure compliance with applicable regulatory requirements across departments.
• Contribute to the development and delivery of compliance training and awareness programs.
• Work with teams across IT HC Finance and Operations to support initiatives.
• Serve as a liaison for routing compliance questions or concerns to appropriate channels.
• Promote a culture of transparency and ethical behavior through communication and engagement.
• Support privacy and data protection efforts including documentation and response coordination.
• Assist in incident response planning and reporting in collaboration with the security team.

Key Qualifications

• Bachelors degree in business Information Systems Risk Management or a related field preferred.
• 0-2 years of experience in governance risk management compliance or internal audit.
• Familiarity with GRC frameworks or standards (e.g. SOC 1/2 HIPAA GDPR PCI-DSS ISO 27001 NIST etc.) is a plus.
• Strong analytical and critical thinking skills.
• Excellent written and verbal communication abilities.
• Ability to manage multiple tasks and adapt to changing priorities.
• High level of integrity confidentiality and attention to detail.
• Collaborative mindset and willingness to learn.
• Proficiency in Microsoft Excel and PowerPoint.
• Experience with GRC platforms or tools is a plus.

Physical Requirements

• Ability to work at a desk use office equipment and participate in virtual or in-person meetings.

This job description reflects the general duties of the job but is not a detailed description of all duties which may be inherent to the position. Reasonably related additional duties may be assigned to the individual Associate.

VGM Group Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race color religion age sex pregnancy national origin disability genetic information military or veteran status sexual orientation gender identity or expression or any other characteristic protected by federal state or local laws.

This policy applies to all terms and conditions of employment including recruiting hiring placement promotion termination layoff recall transfer leaves of absence compensation and training.