Senior IT Compliance Analyst
About The Position
In this role, you will serve as a trusted expert in IT Governance, Risk, and Compliance (GRC), with a primary focus on enterprise risk management and organizational resiliency. You will directly contribute to Vizient’s security and risk strategy by identifying, assessing, and managing technology and information security risks across the enterprise. This role requires a strong understanding of both legacy systems and emerging technologies to proactively mitigate risk and strengthen Vizient’s overall security posture. The GRC Senior Compliance Analyst partners closely with compliance, security, technology, and business leadership to design, implement, and mature risk management practices. The role supports regulatory and governance obligations under frameworks and regulations such as SOX, HIPAA, and SEC requirements, while maintaining a balanced approach that prioritizes risk reduction and business resilience over compliance alone.
Requirements
- Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or a related field preferred.
- 5–7 years of experience in IT risk management, governance, compliance, or information security.
- Strong understanding of IT risk management concepts, governance frameworks, and regulatory requirements, including SOX, HIPAA, and SEC standards.
- Experience managing risk registers, facilitating risk discussions, and presenting risk posture to leadership audiences.
- Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint).
- Experience using Power Automate, Power BI, or similar tools to create automated workflows and risk dashboards.
- Strong analytical, documentation, and problem-solving skills with the ability to translate risk and technical concepts into clear business-focused insights.
- Demonstrated ability to work independently and collaboratively to influence risk-based decision-making across technical and non-technical teams.
Responsibilities
- Conduct ongoing, enterprise-wide IT risk assessments in partnership with compliance, security, and business stakeholders.
- Maintain oversight of the IT and AI risk register, including facilitating monthly risk rating discussions and providing quarterly risk updates to leadership.
- Identify strengths and weaknesses in the risk management program related to privacy, security, business resiliency, and compliance frameworks.
- Analyze risk assessment findings, document and report program gaps, and recommend risk mitigation strategies to compliance and security leadership.
- Establish and operate within the organization’s risk management program, including documenting risk acceptance, tolerance levels, and ongoing reviews with leadership.
- Partner with compliance and security leadership to perform ongoing compliance and security assessments and recommend annual strategic technology and risk directives.
- Serve as a liaison with internal and external auditors to support risk-related inquiries, control validation, and remediation tracking.
- Develop and leverage automation and reporting tools (e.g., Power Automate, Power BI) to streamline risk reporting, automate routine tasks, and deliver executive-level dashboards.
- Collaborate across departments to raise awareness of enterprise risk, promote a risk-informed culture, and drive continuous improvement in governance and resiliency practices.
Benefits
- Vizient has a comprehensive benefits plan! Please view our benefits here: http://www.vizientinc.com/about-us/careers
- This position is also incentive eligible.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
