GRC Analytics & Automation Analyst (14010-1) Boston, MA

GRC Analytics & Automation Analyst (14010-1)
Boston, MA

If you post this job on a job board, please do not use company name or salary.
Experience level: Mid-senior Experience required: 5 Years Education level: Bachelor’s degree Job function: Information Technology Industry: Insurance Pay rate : View hourly payrate Total position: 1 Visa sponsorship eligibility: No
Position summary
The GRC Analytics & Automation Analyst builds and maintains data pipelines, automation, and dashboards that enable measurable compliance and continuous monitoring across the Compliance Governance Program. This role integrates GovCloud intake sources (SharePoint intake registry, AuditBoard exports, APIs) into Power BI, automates evidence collection where appropriate using Power Automate and connectors, and ensures metadata and taxonomy alignment with Canon Protocol v1.0.

This is a hybrid/ or 100% remote-eligible role reporting to the Director of Regulatory Compliance Environments ((onsite visits expected periodically for audits and triage)

Key responsibilities (measurable)
Own end-to-end data pipelines from GovCloud Intake Registry and source systems to Power BI; maintain data freshness SLAs (e.g., hourly/daily) and >99% pipeline success rate.
Design, implement, and maintain Power Automate flows and SharePoint integrations to automate evidence collection and workflow triggers; log and remediate automation failures within SLA.
Build executive and operational dashboards (Power BI) for control health, residual risk, and remediation status; support monthly and ad-hoc reporting to leadership.
Correlate control data across frameworks (NIST SP 800-53, SOC 2, ISO 27001) to visualize coverage and residual risk using canonical mapping.
Ensure metadata and taxonomy alignment with canon and maintain documentation of data models and lineage.
Partner with the GovCloud Compliance Analyst to reconcile automated data feeds with human-submitted evidence; implement validations and exception rules.
Support quarterly reviews and audit preparation by providing analytics extracts and evidence inventories.

Required qualifications
Minimum 3 years in GRC, data analytics, or process automation roles with experience integrating data sources.
Proficiency with Power BI (DAX and data modeling), Excel, and Power Automate.
Experience with SharePoint lists, data modeling, workflow design, and handling regulated data (PII/PHI protections).
Understanding of control frameworks (NIST SP 800-53, SOC 2, ISO 27001) and how to map control data for coverage analysis.
Bachelors degree in Information Systems, Data Analytics, or equivalent experience.
Preferred qualifications
Experience with AuditBoard or ServiceNow GRC and automating evidence ingestion.
SQL, Python, or advanced DAX skills for ETL and analytics.
Experience with APIs, connectors, and data governance practices.
Ability to translate compliance requirements into measurable metrics and KPIs.

If you post this job on a job board, please do not use company name or salary.
Experience level: Mid-senior Experience required: 5 Years Education level: Bachelor’s degree Job function: Information Technology Industry: Insurance Pay rate : View hourly payrate Total position: 1 Visa sponsorship eligibility: No
Position summary
The GRC Analytics & Automation Analyst builds and maintains data pipelines, automation, and dashboards that enable measurable compliance and continuous monitoring across the Compliance Governance Program. This role integrates GovCloud intake sources (SharePoint intake registry, AuditBoard exports, APIs) into Power BI, automates evidence collection where appropriate using Power Automate and connectors, and ensures metadata and taxonomy alignment with Canon Protocol v1.0.

This is a hybrid/ or 100% remote-eligible role reporting to the Director of Regulatory Compliance Environments ((onsite visits expected periodically for audits and triage)

Key responsibilities (measurable)
Own end-to-end data pipelines from GovCloud Intake Registry and source systems to Power BI; maintain data freshness SLAs (e.g., hourly/daily) and >99% pipeline success rate.
Design, implement, and maintain Power Automate flows and SharePoint integrations to automate evidence collection and workflow triggers; log and remediate automation failures within SLA.
Build executive and operational dashboards (Power BI) for control health, residual risk, and remediation status; support monthly and ad-hoc reporting to leadership.
Correlate control data across frameworks (NIST SP 800-53, SOC 2, ISO 27001) to visualize coverage and residual risk using canonical mapping.
Ensure metadata and taxonomy alignment with canon and maintain documentation of data models and lineage.
Partner with the GovCloud Compliance Analyst to reconcile automated data feeds with human-submitted evidence; implement validations and exception rules.
Support quarterly reviews and audit preparation by providing analytics extracts and evidence inventories.

Required qualifications
Minimum 3 years in GRC, data analytics, or process automation roles with experience integrating data sources.
Proficiency with Power BI (DAX and data modeling), Excel, and Power Automate.
Experience with SharePoint lists, data modeling, workflow design, and handling regulated data (PII/PHI protections).
Understanding of control frameworks (NIST SP 800-53, SOC 2, ISO 27001) and how to map control data for coverage analysis.
Bachelors degree in Information Systems, Data Analytics, or equivalent experience.
Preferred qualifications
Experience with AuditBoard or ServiceNow GRC and automating evidence ingestion.
SQL, Python, or advanced DAX skills for ETL and analytics.
Experience with APIs, connectors, and data governance practices.
Ability to translate compliance requirements into measurable metrics and KPIs.