Senior GRC Analyst

Purpose--What Youll Do

• Serve as the primary compliance and governance contact for assigned MSP and MSSP clients.
• Guide clients through compliance readiness efforts including planning documentation policy development evidence preparation and auditor-facing coordination.
• Own the onboarding and ongoing service experience for compliance-focused MSSP clients.
• Prepare and deliver compliance-focused security QBRs cadence calls and client status updates.
• Write update and maintain Written Information Security Programs security policies governance documentation and related client-facing materials.
• Help scope coordinate and manage compliance and security projects to ensure work is scheduled communicated and delivered on time.
• Support Microsoft Purview data governance sensitivity labeling and Bronze/Silver/Gold data classification initiatives for Endsight and its clients.
• Advise internal leaders on compliance governance data protection and risk management needs.
• Coordinate with security analysts Client Strategy Managers (CSMs) consultants leadership and client stakeholders to keep compliance work moving.
• Participate in customized cybersecurity awareness training efforts for clients.
• Support the security teams shared SOC alert and on-call process by assisting with initial triage and communication when needed. This is not a hands-on technical support role.

• Clients clearly understand where they stand what comes next and what Endsight is doing on their behalf.
• Compliance work is organized scheduled tracked and communicated effectively.
• Policies WISPs QBRs status updates and client documentation are accurate practical and delivered on time.
• Internal and external stakeholders trust you as a calm clear and knowledgeable compliance resource.
• Endsights compliance and governance practice continues to mature through better process documentation and client experience.
• You can balance client advocacy with realistic guidance especially when expectations need to be reset.

Skills Knowledge and Expertise

• Bachelors degree and 6 years of relevant experience or 10 years of IT cybersecurity compliance or governance experience in lieu of a degree.
• Experience advising clients or internal stakeholders on security governance compliance readiness and risk management.
• Working knowledge of compliance and security frameworks such as NIST CIS Controls SOC 2 ISO 27001 HIPAA and/or CMMC.
• Minimum 2 years of experience with Microsoft Purview including data governance sensitivity labeling information protection or related Microsoft 365 compliance capabilities.
• SC-401 passed within three months of hire or previously attained. Endsight will pay for training and exams if not previously completed.
• CCP certification within six months of hire or previously attained. Endsight will pay for training and exams if not previously completed.
• Strong technical writing skills including the ability to create policies security program documentation status reports and executive/client-facing communications.
• Excellent communication organization collaboration and follow-through.
• Ability to manage competing demands across clients internal teams and leadership priorities.
• Strong attention to detail.
• Ability to work independently in a remote environment.
• Self-motivated proactive and comfortable moving work forward without constant direction.
• U.S. citizenship.

• Current CCP and Microsoft SC-401 certification.
• CISA CISM CISSP or similar governance risk compliance or security certification.
• Experience in an MSP MSSP consulting or client-facing security services environment.
• Experience supporting clients through CMMC ISO 27001 HIPAA SOC 2 or other regulated compliance efforts.
• Familiarity with security QBRs client roadmaps compliance reporting and executive-level risk communication.
• Ability to turn complex requirements into practical plans visuals summaries and client-ready explanations.
• Strong analytical and problem-solving skills.
• Genuine curiosity for cybersecurity governance and continuous improvement.

Benefits

• Medical: Company pays 100% of the base plan for the employee and family
• Dental & Vision
• 401(k) with employer matching
• Accrued Paid Time Off
• 9 Paid Holidays
• Career Pathing