Governance and Compliance Analyst

A Governance and Compliance Analyst manages risks related to security, privacy, and compliance.

Role overview

Governance and Compliance Analysts ensure that an organization’s operations and procedures meet government and industry compliance standards. They research regulations and policies on behalf of the enterprise, communicate the necessary requirements, apply for certifications, and serve as a subject matter expert on all compliance-related matters.

Governance and Compliance Analysts
may also be referred to as:
3rd Party Compliance Analyst
Certification And Accreditation Auditor
Cloud Compliance Security Engineer
Compliance Security Strategist
Cyber Compliance Analyst
Cyber Governance Metrics And Resolution Analyst
Cybersecurity Audit Analyst
Cybersecurity Auditor
Cybersecurity Compliance Advisor
Cybersecurity Compliance Analyst
Cybersecurity Compliance Engineer
Governance And Policy Analyst
GRC Analyst
Identity And Access Management Audit Analyst
Security And Compliance Analyst
Security And Compliance Engineer
Security Auditor
Security Compliance Administrator
Security Compliance Analyst
Security Compliance Assessor
Security Compliance Engineer
Security Compliance Specialist
Vulnerability Compliance Administrator

Career Path

Map your career path by understanding role relationships

Average Salary

Based upon experience, salary for this role ranges from:
National Average
* based upon those with two plus years of cybersecurity experience


Managing risks related to the use of Information Technology, Information Security, Privacy, Regulatory Compliance and Governance.
Ensuring and monitoring compliance with industry and government rules and regulations at all levels.
Conducting gap analysis and implementing frameworks and standards such as ISO 27001, GDPR, NIST, and SOX.
Developing and revising policies, standards, processes, and guidelines for the organization.
Conducting vendor risk assessments against organizational security requirements.
Continually testing and monitoring the effectiveness of security controls.
Conducting research to aid threat assessment or risk mitigation activities.
Developing mechanisms to align with the adoption and usage of current and emerging technologies.

Tools & Environment

Governance and Compliance Analysts need experience working with governance, risk, and compliance (GRC) tools such as ServiceNow, Archer, or MetricStream, and should be familiar with national and international regulatory frameworks like NIST, ISO, SOX, EU DPD, HIPAA, PCI DSS, and GDPR. These professionals also work with risk analytics tools, risk assessments, and reporting tools.


[cyber_job_role_count] Governance and Compliance Analyst jobs



Watch our latest videos, talks an recorded events

White Papers

Download our whitepapers and printed resources

Free Courses

Browse our training courses and educational resources
See All


Listen to our podcast features and recorded roundtables

Get our latest insights. Subscribe to our newsletter.