Governance, Risk, and Compliance (GRC) Analyst

Looking to hire your next Governance, Risk, and Compliance (GRC) Analyst? Here’s a full job description template to use as a guide.

About Vintti

Vintti is a staffing agency that acts as an economic enabler. By connecting US-based SMBs, startups, and firms with top-tier Latin American talent, we drive growth on both sides of the equation. For US businesses, we offer access to a pool of highly skilled professionals at competitive rates, allowing for increased efficiency and scalability. For Latin American workers, we provide opportunities to engage with the US market, fostering professional development and economic advancement. Vintti stands at the intersection of global talent and American enterprise, facilitating partnerships that stimulate economic prosperity across borders.

Description

A Governance, Risk, and Compliance (GRC) Analyst is tasked with developing, implementing, and overseeing programs and procedures to ensure that an organization adheres to regulatory requirements and internal policies. This role involves identifying and mitigating potential risks, ensuring compliance with legal standards, and maintaining robust governance frameworks. The GRC Analyst collaborates with various departments to establish best practices, conduct audits and assessments, and provide training and guidance. Their objective is to safeguard the organization's integrity, protect its assets, and enhance its overall security posture while ensuring regulatory adherence.

Requirements

- Bachelor's degree in Business Administration, Finance, Information Technology, or a related field.
- Minimum of 3-5 years of experience in governance, risk, and compliance.
- In-depth knowledge of regulatory requirements and industry standards (e.g., GDPR, SOX, PCI-DSS).
- Proficiency in risk assessment methodologies and control assessments.
- Experience with GRC software and tools.
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal skills.
- Ability to produce clear and detailed reports.
- Strong organizational and project management skills.
- Familiarity with internal audit practices and procedures.
- Capability to conduct and facilitate training sessions.
- Experience in incident investigation and documentation.
- Ability to work collaboratively with cross-functional teams.
- Strong attention to detail and accuracy.
- Knowledge of business continuity and disaster recovery planning.
- Experience in vendor management and third-party risk assessment.
- Certification in GRC (e.g., CISA, CRISC, CIA) is an advantage.
- Proficiency in data analysis and dashboard creation.

Responsibilities

- Monitor and analyze regulatory updates and industry standards.
- Conduct comprehensive risk assessments to identify compliance and operational risks.
- Develop, review, and update policies and procedures for regulatory alignment.
- Perform internal audits and control assessments for risk management effectiveness.
- Coordinate and facilitate employee training sessions on compliance and risk management.
- Prepare detailed reports for internal and external stakeholders on risk and compliance activities.
- Collaborate with various departments to ensure GRC strategy adherence.
- Investigate incidents and breaches, documenting findings and corrective actions.
- Support the implementation and maintenance of GRC software and tools.
- Develop and maintain a risk and compliance dashboard for real-time insights.
- Participate in business continuity and disaster recovery plan development and execution.
- Provide recommendations for improving risk management and compliance processes.
- Monitor third-party vendor compliance with contractual and regulatory requirements.
- Assist in the creation and submission of regulatory filings and reports.
- Track and manage compliance and risk-related projects for timely completion.

Ideal Candidate

The ideal candidate for the role of Governance, Risk, and Compliance (GRC) Analyst is a highly experienced professional with a Bachelor's degree in Business Administration, Finance, Information Technology, or a related field and at least 3-5 years of proven experience in governance, risk, and compliance. They possess an in-depth knowledge of regulatory requirements and industry standards such as GDPR, SOX, and PCI-DSS, and are proficient in risk assessment methodologies and control assessments. The perfect candidate is technologically adept, comfortable using GRC software and tools, and brings strong analytical and problem-solving skills to the table. They are adept at producing detailed and clear reports and have a strong attention to detail and accuracy. Excellent communication and interpersonal skills allow them to effectively coordinate and facilitate training sessions and collaborate seamlessly with cross-functional teams. A strategic thinker with strong organizational and project management skills, they are proactive and self-motivated, capable of making confident decisions under pressure. Their high level of integrity, resilience, and ability to adapt to changing regulatory environments set them apart, as well as their experience in internal audit practices, incident investigation and documentation, and vendor management. Certification in GRC (such as CISA, CRISC, or CIA) is a significant advantage, alongside familiarity with business continuity and disaster recovery planning. The ideal candidate is a detail-oriented, thorough, and meticulous professional who manages time efficiently, exhibits strong leadership qualities, remains client-focused, and has a passion for continuous learning and improvement.

On a typical day, you will...

- Monitor and analyze regulatory changes and industry standards to ensure compliance and assess potential impacts.
- Conduct risk assessments to identify and evaluate compliance and operational risks.
- Develop, review, and update policies and procedures to align with regulatory requirements and best practices.
- Perform internal audits and control assessments to evaluate the effectiveness and efficiency of risk management processes.
- Coordinate and facilitate training sessions and workshops to educate employees on compliance requirements and risk management practices.
- Prepare detailed reports and documentation for internal and external stakeholders on risk and compliance activities.
- Collaborate with various departments to ensure adherence to governance, risk, and compliance (GRC) strategies.
- Investigate incidents and breaches, and document findings and corrective actions.
- Support the implementation and maintenance of GRC software and tools.
- Develop and maintain a risk and compliance dashboard to provide real-time insights and tracking.
- Participate in the development and execution of business continuity and disaster recovery plans.
- Provide recommendations to improve risk management and compliance processes and systems.
- Monitor third-party vendors for compliance with contractual and regulatory requirements.
- Assist in the creation and submission of regulatory filings and reports.
- Track and manage compliance and risk-related projects, ensuring timely completion and adherence to standards.

What we are looking for

- Strong analytical mindset
- Detail-oriented
- Excellent problem-solving skills
- Effective communicator
- Strong interpersonal skills
- High level of integrity
- Proactive and self-motivated
- Adaptable to changing regulatory environments
- Strong organizational skills
- Collaborative team player
- Confident decision-maker
- High level of accuracy
- Efficient time management abilities
- Strong leadership qualities
- Technologically adept
- Strategic thinker
- Resilient under pressure
- Client-focused
- Passion for continuous learning
- Thorough and meticulous approach

What you can expect (benefits)

- Competitive salary range: $70,000 - $90,000 annually
- Comprehensive health, dental, and vision insurance
- Retirement savings plan with company match
- Paid time off (PTO) including vacation, sick leave, and holidays
- Flexible work hours and remote work options
- Professional development and certification reimbursement
- Employee wellness programs
- Life and disability insurance
- Performance-based bonuses
- Tuition assistance for higher education
- Employee assistance program (EAP)
- Parental leave and family-friendly policies
- On-site gym and fitness benefits
- Company-sponsored social events and activities
- Career growth and advancement opportunities
- Subsidized commuter benefits
- Discounts on company products and services
- Dedicated mentor and coaching programs
