Staff Lead, Governance Risk & Compliance

Hays
Orlando, FL

Staff Level Governance, Risk, and Compliance professional (GRC) – Contract – Remote – $65.00 - $78.00/hr.


The final salary or hourly wage, as applicable, paid to each candidate/applicant for this position is ultimately dependent on a variety of factors, including, but not limited to, the candidate’s/applicant’s qualifications, skills, and level of experience as well as the geographical location of the position.


The end client is unable to sponsor or transfer visas for this position; all parties authorized to work in the US without sponsorship are encouraged to apply.


Our client is seeking a Staff Level Governance, Risk, and Compliance professional (GRC) for a Remote Opportunity.


Role Description


• Support the design, execution, and continuous improvement of the organization’s SOX ITGC program, with additional support for SOC 1, SOC 2, PCI, NIST, FTC, HiTrust, CSI, DNU readiness and reporting.

• Apply legal and regulatory expertise to ensure controls and compliance processes align with the SOX ITGC program, with additional support for SOC 1, SOC 2, PCI, NIST, FTC, HiTrust, CSI, DNU, audit standards, and contractual obligations (vendor, customer, and staffing).

• Partner with control owners to ensure controls are properly designed, documented, and defensible from both an audit and legal perspective.

• Promote strong governance practices, consistency, and audit discipline across first line of defense (1LOD) teams.

• Identify opportunities to improve control maturity, documentation rigor, and compliance sustainability across the environment.

• Build Governance, Risk and Control program from the ground up and enforce compliance through MCA testing, Continuity of Business readiness, Audit support, General Risk Support.

Collaboration & Expertise

• Act as a key liaison between technology control owners, Internal Audit, external auditors, and business stakeholders.

• Provide subject matter expertise across SOX 302/404, ITGC, SOC frameworks, and relevant regulatory obligations.

• Leverage legal training to interpret audit findings, regulatory expectations, and contractual requirements, providing risk-informed guidance to stakeholders.

• Influence cross-functional teams through clear, well-reasoned recommendations grounded in compliance, risk, and legal considerations.

• Build strong partnerships to ensure alignment, transparency, and readiness for audit and compliance activities.

Analysis & Configuration

• Evaluate the design and operating effectiveness of IT controls, identifying gaps, risks, and areas requiring remediation.

• Assess audit evidence for completeness, quality, and defensibility, ensuring alignment with auditor expectations and regulatory standards.

• Apply legal reasoning to assess risk exposure, control sufficiency, and documentation adequacy.

• Analyze trends in audit findings and control performance to recommend improvements.

• Support configuration and optimization of GRC tools and risk/compliance tracking systems.

Operational Support

• Coordinate and support day-to-day compliance activities, including walkthroughs, testing support, evidence collection, and audit response management.

• Partner closely with external auditors (e.g., EY) and internal stakeholders to ensure efficient and timely audit execution.

• Support the development of clear, well-documented audit responses that are factually accurate, complete, and legally sound.

• Track remediation activities and ensure closure plans are actionable and aligned with compliance requirements.

• Maintain transparency in status reporting and communication across stakeholders.

Mentorship & Training

• Provide leadership to junior team members and control owners on compliance expectations, audit preparedness, and control best practices.

• Leverage legal expertise to help stakeholders better understand regulatory intent, risk implications, and documentation standards.

• Support development of training materials, playbooks, and guidance that improve audit readiness and consistency.

• Lead by example through strong execution, sound judgment, and a collaborative, advisory approach.

Innovation and Research

• Stay informed on evolving regulatory requirements, audit expectations, and legal considerations impacting SOX, SOC, and IT compliance.

• Evaluate opportunities to improve compliance processes through automation, standardization, and simplification.

• Research emerging risks and compliance trends, translating them into actionable program improvements.

• Recommend enhancements that improve evidence quality, reduce manual effort, and strengthen audit defensibility.

Strategic Planning

• Contribute to the broader technology compliance strategy by identifying risk themes, control gaps, and improvement opportunities.

• Leverage legal perspective to inform prioritization of compliance initiatives and remediation efforts.

• Support audit planning, readiness strategies, and stakeholder alignment across the compliance lifecycle.

• Connect day-to-day execution with long-term program maturity goals and regulatory expectations.

• Influence the evolution of the compliance and control environment through expertise, insight, and cross-functional leadership.


Skills & Requirements


• 7+ years of experience in IT compliance, internal audit, risk management, or a GRC-focused role within a complex enterprise environment.

• 5+ years of hands-on experience with SOX IT General Controls (ITGC), including audit execution, walkthroughs, testing coordination, and remediation activities.

• Experience partnering with technology and business control owners to assess control design and operating effectiveness and drive remediation in a 1LOD environment.

• Experience working with Internal Audit and/or external auditors, including evidence coordination, walkthrough support, and issue resolution.

• Juris Doctor (JD) or equivalent law degree (required), with demonstrated ability to apply legal expertise across a growing Governance, Risk & Compliance organization, including:

• Reviewing and interpreting contracts, agreements, and vendor terms

• Applying legal and regulatory frameworks to compliance, audit, and risk functions

• Advising on governance standards, policies, and organizational controls

• Ensuring adherence to evolving regulatory requirements and industry standards

• Supporting data privacy, third-party risk management, and regulatory change initiatives

• Translating complex legal and regulatory language into actionable business guidance

• Strong understanding of risk management, regulatory compliance, and control frameworks.

• Ability to manage multiple workstreams and deliver high-quality work in a fast-paced environment.

• Strong communication skills, with the ability to translate complex compliance, technical, and legal concepts into clear guidance.

• Deep knowledge of SOX Section 302/404, IT General Controls, and SOC 1 / SOC 2 frameworks.

• Familiarity with frameworks such as COSO, COBIT, and NIST.

• Experience operating within a second line of defense (2LOD) function.

• Ability to assess control gaps and recommend legally sound, sustainable remediation strategies.

• Proficiency in GRC platforms and audit management tools.

• Certifications such as CISA and/or CRISC preferred.

• Experience integrating legal, regulatory, and technical perspectives into compliance program design and execution.

• Bachelor’s degree in Information Systems, Accounting, Finance, Business, Cybersecurity, or a related field, or equivalent professional experience. Equivalent experience may include a High School Diploma/GED with additional relevant experience in lieu of a bachelor’s degree (JD requirement still applies).


Benefits/Other Compensation


This position is a contract/temporary role where Hays offers you the opportunity to enroll in full medical benefits, dental benefits, vision benefits, 401K and Life Insurance ($20,000 benefit).


Why Hays?


You will be working with a professional recruiter who has intimate knowledge of the industry and market trends. Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers. You will also get support on resume writing, interview tips, and career planning, so when there’s a position you really want, you’re fully prepared to get it.


Nervous about an upcoming interview? Unsure how to write a new resume?


Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.


Hays is committed to building a thriving culture of diversity that embraces people with different backgrounds, perspectives, and experiences. We believe that the more inclusive we are, the better we serve our candidates, clients, and employees. We are an equal employment opportunity employer, and we comply with all applicable laws prohibiting discrimination based on race, color, creed, sex (including pregnancy, sexual orientation, or gender identity), age, national origin or ancestry, physical or mental disability, veteran status, marital status, genetic information, HIV-positive status, as well as any other characteristic protected by federal, state, or local law. One of Hays’ guiding principles is ‘do the right thing’. We also believe that actions speak louder than words. In that regard, we train our staff on ensuring inclusivity throughout the entire recruitment process and counsel our clients on these principles. If you have any questions about Hays or any of our processes, please contact us.


In accordance with applicable federal, state, and local law protecting qualified individuals with known disabilities, Hays will attempt to reasonably accommodate those individuals unless doing so would create an undue hardship on the company. Any qualified applicant or consultant with a disability who requires an accommodation in order to perform the essential functions of the job should call or text 813.336.5570.


Drug testing may be required; please contact a recruiter for more information.