AlixPartners, LLP

Information Security GRC - Risk & Compliance Senior Analyst (Contract)

AlixPartners, LLP$90K — $120K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Information Technology or related field preferred; relevant work experience may be considered in lieu of education.
  • Minimum 3 years of professional work experience in Information Security, Risk, Compliance, Audit, or IT.
  • Experience with ISO 27001, SOC 2, PCI, HIPAA, or other global standards or regulations is highly preferred.
  • Desire for further training and certifications (CISSP, CISA, CRISC, etc.).
  • Excellent written and oral communication skills in English.

Responsibilities

  • Support the CISO with annual and periodic risk assessments for compliance audits.
  • Manage and analyze risk register to ensure accuracy and timely updates.
  • Conduct risk assessments and evaluate risk control effectiveness.
  • Track remediation actions with control owners and report status to leadership.
  • Collaborate with cross-functional teams to develop risk mitigation strategies.
  • Design and execute control tests to ensure compliance with requirements.
  • Prepare documentation for internal and external auditor requests.

Benefits

  • Hybrid work model providing flexibility with both in-office and remote options.
  • Opportunity for contract extension beyond December 2026.
  • Professional development support through training and certification opportunities.
  • Engagement with cross-functional teams to enhance collaboration skills.
  • Involvement in significant risk and compliance initiatives within a reputed organization.
Full Job Description
Location: Southfield, MI (contract/hybrid)

Assignment duration: through December 2026 with potential to extend

MUST BE CURRENTLY AUTHORIZED TO WORK IN THE UNITED STATES. NO VISA OR IMMIGRATION SPONSORSHIP FOR THIS ROLE, NOW OR IN THE FUTURE. (e.g., H-1B, STEM OPT, TN, etc.)

About the Role

As a member of the Information Security team, the IS GRC Senior Analyst - Risk & Compliance will be responsible for understanding the firm's security risk and compliance requirements. You will manage and maintain the risk register, analyze risk, and process risk assessments via the risk assessment platform. The IS GRC - Risk & Compliance will help set up and monitor control testing to support audit activities. This role will consult and interface with IT leadership, IT staff, and non-IT departments to conduct risk analysis and monitor controls.

The Information Security Governance, Risk & Compliance Senior Analyst (Risk & Compliance) is a full-time, contract position located in Southfield, MI reporting to the Information Security Governance, Risk, & Compliance Manager. Paid relocation and benefits are not available for this position.

What you'll do

Security Risk Management:
  • Support the CISO in the completion of the annual risk assessment required to support client and compliance audits, as well as periodic risk assessments as determined
  • Manage the review and analysis of risk register ensuring accuracy, completeness, and timely updates
  • Conduct risk assessments including evaluation of risk and control effectiveness
  • Track remediation actions to closure with assigned control owners, maintain due dates, escalate overdue items, and report status to leadership
  • Interview subject matter experts and gather information for conducting risk assessments
  • Collaborate with cross-functional teams to develop risk mitigation strategies
  • Conduct security assessments of third-party suppliers, including review of security questionnaires, supporting documentation, and independent audit reports
  • Identify third-party supplier gaps, risk ratings, and required mitigations

Control Framework and Testing:
  • Design, execute, and monitor control tests to assess compliance with contractual, regulatory, and internal requirements
  • Partner with control owners across IT and business functions; ensure roles and responsibilities are clearly communicated and understood
  • Prepare audit request materials and upload documentation for internal or external auditors
  • Measure and report metrics to IS GRC Risk & Compliance Manager, IS GRC Director and CISO
  • Improve security efficiency, streamline, and automate work processes while working collaboratively with other team members and IT staff to accomplish objectives
  • Additional responsibilities as identified. This description is not designed to encompass a comprehensive listing of required activities, duties, or responsibilities.

What You'll Bring
  • Bachelor's degree in Information Technology or related field preferred; relevant work experience may be considered in lieu of education
  • Minimum 3 years of professional work experience
  • Experience within Information Security, Risk, Compliance, Audit, or Information Technology is required
  • Experience with ISO 27001, SOC 2, PCI, HIPAA, or other global standards or regulations is highly preferred
  • Certified Information Systems Security Professional (CISSP) and/or Certified Information Systems Auditor (CISA) desired, but not required
  • Willingness to increase knowledge and credibility through obtaining training and/or certifications (CISSP, CISA, CRISC, etc.)
  • Attention to detail with the ability to manage and prioritize responsibilities effectively, adapt to changing circumstances to meet key deadlines under time constraints so work is completed in an accurate, timely manner
  • Excellent written and oral communication skills in English
  • Highly effective inter-personal and collaboration skills to support security programs and interface with people at all levels
  • Excellent problem-solving ability and ability to resolve issues under tight time frames
  • Experience using MS Office Suite (Word, Excel, PowerPoint, SharePoint etc.)
  • Experience using ServiceNow preferred
  • Highly organized with excellent organizational skills with experience operating in time-sensitive, ambiguous environments, balancing competing priorities with sound judgment and discretion.
  • Core working hours are generally 8:30 AM - 5:30 PM, Monday - Friday; willingness to work outside of normal U.S. business hours, and as unique projects/needs arise
  • Ability to work full time in an office and remote environment; physically able to sit/stand at a computer and work in front of a computer screen for significant portions of the workday
  • Must become familiar with, and promote and abide by, our Core Values as defined by the AlixPartners' Code of Conduct and foster an inclusive environment with people at all levels of an organization

AlixPartners has embraced a hybrid work model to provide flexibility and support our employees' work-life integration. Our hybrid model combines a mix of in-person at an AlixPartners office on Tuesday, Wednesday, and Thursday, with remote working options on Monday and Friday.

#LI-KL2

#LI-Hybrid

About AlixPartners, LLP

AlixPartners is a global consulting firm that specializes in helping businesses successfully address their most complex and critical challenges. The firm has expertise in a wide range of industries, including automotive, consumer products, energy, financial services, healthcare, manufacturing, media, retail, and telecommunications. AlixPartners provides a range of services, including corporate restructuring, performance improvement, and financial advisory services. The firm has offices in North America, Europe, and Asia.
Learn more about AlixPartners, LLP
Size
5,000 employees
Industry

Similar Jobs

More Jobs at AlixPartners, LLP

More Information Technology Jobs

Find similar Information Security GRC - Risk & Compliance Senior Analyst (Contract) jobs: