Sr. Governance, Risk, & Compliance Analyst Position Available In Davidson, Tennessee

Sr. GRC Analyst Nashville, TN | Hybrid (Tues-Thurs onsite) 6-Month Contract-to-Hire | Full-Time (40 hrs/week) A global professional services organization is hiring a Sr. GRC Analyst to support its growing Information Assurance program, based in downtown Nashville. This is a high-impact role focused on scaling compliance efforts, streamlining audits, and building a robust common control framework—working directly with the GRC manager in a small, agile team.

What You’ll Do:

Lead and support audits (SOC II, ISO 27001, FedRAMP) including audit evidence collection and control mapping Build and maintain a common control framework across multiple standards (ISO, NIST, CMMC) Own policy governance, risk tracking, and third-party vendor risk management Drive internal compliance initiatives including risk registers, control testing, and GRC tool optimization (UpGuard, KnowBe4, Loopio) Conduct security awareness training and phishing simulations Support contract reviews and internal assessments to ensure client and regulatory trust

What We’re Looking For:

5+ years of GRC, audit, or IT compliance experience in a corporate or professional services environment Experience with

SOC II, ISO

27001, or FedRAMP frameworks Proven ability to manage audits, gather documentation, and build policies from scratch Familiarity with enterprise risk registers, third-party assessments, and security awareness campaigns

Why This Role Stands Out:

Hybrid flexibility with a relaxed, in-office dress code (jeans welcome) Paid parking in a landmark downtown Nashville building Work directly with a seasoned GRC leader, with plenty of opportunity for ownership and process improvement Stable, collaborative team culture with long tenure and room for career growth No client-facing responsibilities — focus is entirely on internal security and compliance