Dallas, Texas On-site Employment

Momentum is hiring a GRC Analyst

Requirements

  • 5 to 7 years of professional experience in GRC, security compliance, risk management, or a comparable security-focused role
  • Direct involvement in managing or supporting a SOC 2 Type II audit, including gathering evidence, aligning controls, and coordinating with auditors
  • Working proficiency with the NIST Cybersecurity Framework, including conducting gap analyses, mapping controls, and tracking remediation efforts
  • Proven track record developing or structuring a comprehensive security policy library from the ground up, not merely revising existing materials
  • Experience conducting third-party and vendor risk evaluations using a tiered risk classification approach
  • Background in completing client security assessments using standard formats such as SIG, CAIQ, or comparable questionnaires
  • Clear grasp of how GRC responsibilities differ from and intersect with legal and privacy functions
  • Demonstrated ability to collaborate effectively with legal teams while maintaining distinct functional boundaries
  • Excellent written communication skills, with the ability to clearly articulate technical security controls for clients, auditors, and leadership
  • Strong project management discipline, including owning deadlines, initiating follow-ups independently, and ensuring tasks are completed reliably

Nice to Have

  • Experience with GRC tools such as OneTrust, Drata, Vanta, Whistic, or similar platforms
  • Familiarity with security awareness training systems like KnowBe4 or equivalent
  • Working knowledge of IT general controls across identity providers (e.g., Okta), SaaS applications (e.g., Google Workspace), cloud environments (AWS, GCP, Azure), and endpoint protection (e.g., CrowdStrike)
  • Understanding of business continuity and disaster recovery frameworks, including business impact analysis, defining recovery time and point objectives, and leading tabletop exercises
  • Exposure to artificial intelligence governance standards such as the NIST AI Risk Management Framework or the EU AI Act
  • Knowledge of compliance-related use of cloud access security brokers, data loss prevention tools, and cloud security posture management solutions
  • Experience operating in private equity, holding company, or multi-entity compliance settings is highly desirable

About company
Momentum

Momentum is a strategic operating and investment company specializing in acquiring and actively managing complementary businesses.

Momentum bridges innovation and impact, leveraging people and technology to build destinations for opportunity and growth.

We drive value with our proprietary operating playbook, deep industry expertise, advanced technology development, and the creation of global talent centers.

Job Details
Category security
Posted 12 days ago