GRC Analyst I

VGM Group, Inc•Waterloo, IA

1d•Hybrid

About The Position

The Governance, Risk, and Compliance Analyst I is an opportunity to be part of the shift from traditional, audit‑driven compliance to a more proactive, risk‑informed way of working. In this role, you’ll partner with teams across VGM to support governance, identify and track risk early, and help ensure we meet our regulatory and accreditation obligations—so work can move forward with clarity, consistency, and fewer surprises. This position is designed for individuals eager to build foundational experience in GRC across a variety of business units and regulatory environments. The Analyst will assist in maintaining internal controls, supporting risk assessments, and promoting compliance with applicable laws, standards, and ethical practices. This role is collaborative, cross-functional, and essential to fostering a culture of integrity and accountability across the enterprise.

Requirements

Bachelor’s degree in business, Information Systems, Risk Management, or a related field preferred.
0-2+ years of experience in governance, risk management, compliance, or internal audit.
Strong analytical and critical thinking skills.
Excellent written and verbal communication abilities.
Ability to manage multiple tasks and adapt to changing priorities.
High level of integrity, confidentiality, and attention to detail.
Collaborative mindset and willingness to learn.
Proficiency in Microsoft Excel and PowerPoint.

Nice To Haves

Familiarity with GRC frameworks or standards (e.g., SOC 1/2, HIPAA, GDPR, PCI-DSS, ISO 27001, NIST, etc.) is a plus.
Experience with GRC platforms or tools is a plus.

Responsibilities

Provide governance oversight for emerging technologies, including Artificial Intelligence (AI), ensuring adherence to organizational policies and ethical standards.
Assist in the development, review, and maintenance of internal policies and procedures.
Support governance committees and working groups by preparing materials and documenting outcomes.
Help ensure organizational policies remain current and aligned with business objectives and ethical standards.
Contribute to initiatives around emerging governance topics, such as AI ethics or data governance.
Participate in enterprise risk assessments and help maintain the organization’s risk register
Support third-party risk management activities, including vendor due diligence and monitoring.
Track remediation efforts related to identified risks or audit findings.
Collaborate with business units to identify and mitigate operational and strategic risks.
Monitor changes in laws, regulations, and standards that may impact the organization.
Assist in preparing for internal and external audits by collecting evidence and maintaining documentation.
Help ensure compliance with applicable regulatory requirements across departments.
Contribute to the development and delivery of compliance training and awareness programs.
Work with teams across IT, HC, Finance, and Operations to support initiatives.
Serve as a liaison for routing compliance questions or concerns to appropriate channels.
Promote a culture of transparency and ethical behavior through communication and engagement.
Support privacy and data protection efforts, including documentation and response coordination.
Assist in incident response planning and reporting in collaboration with the security team.