Mid GRC Analyst

Mid GRC Analyst AspenView Technology Partners Denver, CO Job Details 22 hours ago Qualifications HIPAA compliance management ISO standards Regulatory compliance Compliance audits & assessments

SOC 2 HIPAA

Gap analysis Mid-level SOX 3 years Analysis skills Continuous improvement NIST standards Third-party risk management ServiceNow Overseeing audit functions Vendor risk management Communication skills Full Job Description Build the Future with AspenView Technology Partners At AspenView, we are passionate about transforming the way organizations approach technology. We specialize in creating high-performing, nearshore IT teams to help North American clients innovate faster and more efficiently. As we continue to grow, we're looking for exceptional people to join our team and help drive impactful change across industries. Why Join AspenView? At AspenView, we're more than a nearshore IT partner—we're a people-first, purpose-driven company that believes great culture drives great outcomes. We're passionate about connecting talent and technology to deliver measurable value for clients—and meaningful career paths for our people. Here's what you can expect: Competitive base Comprehensive benefits and wellness support Flexible work model: hybrid, remote, or in-office Real growth opportunities and leadership visibility Inclusive, respectful culture that blends U.S. innovation with Colombian heart A company that listens, invests in you, and celebrates wins together About the role The Mid-Level GRC Analyst operates at the intersection of compliance, risk, and operational integrity. You will be more than a compliance checker—you will be a strategic partner in protecting our organization's reputation and resilience. By embedding continuous audit readiness, strengthening our risk posture, and enabling teams to move fast without compromising on security or compliance, your work will directly shape how we meet industry standards, pass audits with confidence, and build a culture of accountability.

What you will do:

Lead and execute internal audits across business units, ensuring alignment with frameworks such as

ISO 27001, SOC

2, HIPAA, or SOX. Maintain and enhance our GRC platform (e.g., Archer, ServiceNow GRC, or similar) to track controls, risks, and remediation activities. Partner with IT, Security, and Operations teams to assess risks in new projects, vendors, and technologies. Support certification and regulatory compliance eYorts by preparing documentation, evidence, and audit responses. Monitor and report on key risk indicators (KRIs) and control eYectiveness metrics to leadership. Drive continuous improvement by identifying gaps, recommending process enhancements, and implementing best practices.

What you bring:

3-5 years of experience in governance, risk, and compliance, preferably in a technology-driven or regulated industry. Hands-on experience with GRC tools (e.g., Archer, LogicGate, ServiceNow GRC) and audit management workflows. Familiarity with compliance frameworks such as

ISO 27001, SOC 2, NIST

CSF, HIPAA, or SOX. • Strong analytical skills with the ability to translate complex regulations into actionable controls. Excellent communication skills—you can explain risk and compliance concepts to both technical and non-technical audiences. A proactive, detail-oriented mindset with a passion for building secure, compliant, and ethical business practice.

Equal Opportunity Employer:

AspenView is proud to be an equal opportunity employer. We believe in creating an environment where all employees feel welcome, valued, and empowered to succeed. We celebrate diversity and strive to build a culture of inclusion where all individuals, regardless of their race, color, gender, gender identity or expression, sexual orientation, disability, age, or any other characteristic, can thrive. We encourage applicants from all walks of life to join our team and make a lasting impact.