GRC Analyst Career Path: What are GRC Analyst Jobs?

Подписаться 3,6 тыс.

Просмотров 13 тыс.

50% 1

Build skills in risk management with this training course: codered.samcart.com/referral/...
In this video, you learn about the GRC Analyst career path and what you might do in a GRC Analyst job. You will also learn about the average GRC Analyst salary and training you can do as a GRC Analyst.
Get personal career help here:
topmate.io/ken_underhill
Get better at job interviews and build your confidence with this short course.
cyberken23.gumroad.com/l/jbil...
If you need cybersecurity training, here are some good resources. Please note that I earn a small affiliate commission if you sign up through these links for the training.
Learn Ethical Hacking skills get.haikuinc.io/crk0rg6li6qd
Get Ethical Hacking skills, SOC Analyst skills, and more through StationX.
www.stationx.net/cyberlife
Other job titles for GRC Analyst
-Compliance Analyst
-Risk Management Analyst
-Governance Analyst
-Regulatory Compliance Analyst
-IT Risk Analyst
-Internal Controls Analyst
-Policy Analyst
-Audit Analyst
-Cybersecurity Compliance Analyst
-Regulatory Affairs Analyst
-Business Continuity Analyst
-Ethics and Compliance Analyst
-Data Privacy Analyst
-Enterprise Risk Management Analyst
-IT Governance Analyst
-Vendor Risk Analyst
-Security Compliance Analyst
-Financial Compliance Analyst
- Cybersecurity Policy Writer
- Cybersecurity Proposal Consultant
- Cybersecurity Governance Specialist
- Cyber & Tech Risk Underwriter
- Cybersecurity Technical Writer
- Cybersecurity Content Writer
- Cybersecurity Public Relations Specialist
Timestamps
00:00 GRC Analyst Career Path
00:55 GRC Analyst Overview
02:23 Alternate Job Titles for GRC Analyst
03:03 GRC Analyst Job Responsibilities
05:42 GRC Analyst Salary
06:51 Common Tools for a GRC Analyst
08:17 Certifications for a GRC Analyst
10:48 Key Takeaways from the Video
You can get an Exclusive discount on cybersecurity training courses here: www.stationx.net/cyberlife

Наука

Опубликовано:

27 июн 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 57

@CyberLifeTV 8 месяцев назад

Build skills in risk management with this training course: codered.samcart.com/referral/zd8IqN9W/xcaSu79JNX0wDzVt Ask me a question: topmate.io/ken_underhill Learn how to be successful in job interviews in less than one hour, so you can get higher job offers. Limited time 20% discount because you support the RU-vid channel. cyberken23.gumroad.com/l/jbilol/youtube20 Schedule a mock job interview call with me at this link. topmate.io/ken_underhill/411153 If you need cybersecurity training, here are some good resources. Please note that I earn a small affiliate commission if you sign up through these links for the training. Learn Ethical Hacking skills get.haikuinc.io/crk0rg6li6qd Get GRC Analyst, Ethical Hacking skills, SOC Analyst skills, and more through StationX. www.stationx.net/cyberlife

@digitalnomad4535 8 месяцев назад

man im so glad he is reviewing all the roles. its confusing for someone like me who is new to the industry

@CyberLifeTV 8 месяцев назад

Yeah, most schools just tell people about SOC Analyst, Cybersecurity Analyst, Cybersecurity Engineer, and Penetration Tester, so you get thousands of people applying for every open job in this areas.

@tewodrostilahun3801 8 месяцев назад

Thanks a lot Ken very helpful insight, articulated and brief one lOVE it

@CyberLifeTV 8 месяцев назад

Thank you

@emmanueloffei7881 3 месяца назад

Thank you so much for producing this video. I have been trying to understand for the longest time exactly where in cyber security I can get started AND also work from home. This knowledge is super helpful. Keep up the great work Ken!

@CyberLifeTV 3 месяца назад

Thank you. Non “cybersecurity” jobs have remote work opportunities as well. Some examples are cloud architect, solutions architect, cloud engineer, and sysadmin.

@Sci-Fi_Fan296 10 месяцев назад

This was very helpful. I look forward to seeing more of your content. Thanks for providing these helpful tips and valuable information. Its appreciated.

@CyberLifeTV 10 месяцев назад

Thank you

@teshahuntley9003 7 месяцев назад

Great video, thank you for sharing your knowledge

@CyberLifeTV 7 месяцев назад

Thank you

@cyberja Год назад

Love this Ken. Very informative, as I'm passionate advocate for GRC.

@CyberLifeTV Год назад

Thank you

@lakshmigayatri3548 Год назад

Great video. Thank you so much

@CyberLifeTV Год назад

Thank you

@Nate_Vee Год назад

Great video, and thank you

@CyberLifeTV Год назад

Thank you

@Engycation Год назад

i just subscribed in your channel with my fist like and comment

@CyberLifeTV Год назад

New cybersecurity career videos drop every Tuesday and Friday at 9am EST. What other questions do you have about your cybersecurity career?

@lakshmigayatri3548 Год назад

I am looking for career in GRC. I do not have prior experience. Is it possible to land in one practically

@CyberLifeTV Год назад

@@lakshmigayatri3548 yes, GRC is one career path where you can get a job with no experience in the role. I suggest looking at job postings that ask for 3 or less years of experience and focus on the fact you have other "experience" from work and/or your school. And be sure to check out the GRC video with Christabel on the channel because she shares some additional tips for GRC.

@lakshmigayatri3548 Год назад

@@CyberLifeTV Wonderful. Thanks for the suggestion.

@francisfrancis1153 5 месяцев назад

Thanks for the knowledge. I advise against the GRCP due to their huge annual fees. The certification is also not well recognised.

@CyberLifeTV 5 месяцев назад

One Trust GRC professional is another one people get, but at the end of the day you don’t need any certs to get your first job.

@ecuabaddie 10 месяцев назад

Hi Ken! I came across your content and find it extremely helpful. Do you have any recommendations on how I could get started? I recently graduated from university with my bachelors in economics and I’m having a little bit of a hard time landing roles. Do you have any tips for me?

@CyberLifeTV 10 месяцев назад

Are you looking at GRC Analyst jobs or a different role?

@ecuabaddie 10 месяцев назад

@@CyberLifeTV grc analyst roles

@CyberLifeTV 10 месяцев назад

@@ecuabaddie for a degree in economics, I would focus on your research and analytical skills. You also probably did some economic risk assessments in school, so focus on how your experience with those ties into doing risk assessments in cybersecurity around regulatory compliance. You also have critical thinking and problem solving skills, so talk about how you identified a compliance gap or developed a strategy to mitigate economic risk in a project. You want to “connect the dots” for recruiters and hiring managers between your background and the job you are applying for. If you want a call with me to look through your resume, you can always schedule here: topmate.io/ken_underhill

@seetsamolapo5600 10 месяцев назад

Is this an entry level role in cybersecurity? Between this and a SOC analyst which would you say can be entered in quicker?

@CyberLifeTV 10 месяцев назад

Yes, GRC Analyst can be entry level. It’s often easier to find entry level GRC jobs than SOC Analyst jobs because SOCs have a limited amount of jobs and most cybersecurity training schools focus on SOC/Cybersecurity Analyst jobs, cybersecurity engineering, and pentester so all of their students are applying for those types of jobs. Depending on your background, you can probably apply for GRC jobs asking for up to 2-3 years of experience.

@kentrelc1 10 месяцев назад

So I’m looking to bring in GRC. I’m almost done with my Google Cybersecurity certification. They helped me build my portfolio with certain projects I had to do while doing the courses. Do you think I would have any issues with that plus I’ve had 5 years experience as a surveillance agent at a casino, working with compliance sending emails and talking to department heads when one of their employees broke a rule or in Information security terms had a risk or vulnerability ?

@CyberLifeTV 10 месяцев назад

Just be sure to talk on your resume about that compliance experience and try to tie it into the job you are applying for. The more you connect the dots for HR, the more likely you’ll get an interview.

@kentrelc1 10 месяцев назад

@@CyberLifeTV appreciate the info !

@CyberLifeTV 10 месяцев назад

@@kentrelc1 my pleasure

@ichigo8000 11 месяцев назад

I know it can be done without certs and education but since you have experience I want to ask you. I have an IT Bachelors Degree, 2 years of IT Helpdesk/Specialist II experience, Security+, CISA (passed exam don't have experience requirement), and am studying for the CRISC currently. Roughly how much can I expect to make with No GRC experience before getting the CRISC as of right now and after I get it? From different sources it seems consistent I'd be able to get 6 figures or close to it with these things on my side currently, am I correct? Your insight would be appreciated

@CyberLifeTV 11 месяцев назад

You might be able to pull low six figures because of your IT experience, but it would probably be at a larger company. Even working helpdesk, you’ve probably been involved in GRC related projects. On your resume, you’ll just want to flesh out specific examples. For example, if you installed and configured software for nurses you might list something like this below on your resume. “Configured electronic health record software using security best practices to ensure the organization protected PHI in compliance with HIPAA.” P.S. - Normally someone getting more advanced certs without experience is a red flag, but since you have a few years in IT then CISA and CRISC should be fine. Just be sure to tie in what you’re learning with those to some real life examples because hiring managers want people that can apply knowledge and not just collect it.

@ichigo8000 11 месяцев назад

@@CyberLifeTV Will do, Thank you!!

@emilia-qq3du 7 месяцев назад

What about identity and access management jobs?does this come under grc jobs please?

@CyberLifeTV 7 месяцев назад

ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-O3IdgYO1yHM.htmlsi=W-fxnEnrvIe7NKhJ

@LM-rs6ue 11 месяцев назад

Do you think a GRC Cyber analyst can be a good start for someone who wants to progress into Cybersecurity Architect?

@CyberLifeTV 11 месяцев назад

Yes because when you build architecture properly, you build it with a focus on reducing risk.

@ZombENT400 Год назад

Awesome video. Do you have a discord community?

@CyberLifeTV Год назад

No, we shut that down a few months ago because there was little engagement and it took too much effort to manage. If you have questions about your career though, feel free to post them in the comments and we'll try to get them answered for you.

@ZombENT400 Год назад

@@CyberLifeTV I really want to do auditing. This is the first video I’ve seen of actual positions to go for. Do you know where I can do auditing labs or hands on projects I can put on my resume. I really want to break into GRC space. I have a meeting with a professional from LinkedIn to just ask questions. I want to come to the meeting prepared though.

@CyberLifeTV Год назад

@@ZombENT400 I always recommend Gerry Auger's GRC Masterclass course as a starter if you haven't already done it. Also, picking one law or standard to focus on (e.g.-PCI DSS) and then searching some use cases for that will help you. Pretend like you have been hired as a consultant to audit a company for compliance with something like PCI DSS. For entry level jobs, hiring managers just want to see that you can connect what you are learning to the real world. As for projects, you can always offer to do a free audit to a local solopreneur on their website or something in exchange for their testimonial. You could even just audit a family member's social media accounts for security and make recommendations on how they can be more secure. Lots of ways to get "experience" without getting formal work experience.

@rj8183 11 месяцев назад

@@CyberLifeTVAnd what if any certs do you reccomend if any to do this also I looked on Coalfire for GRC Analyst what would be job titles to look for in an entry level to break into this field?

@CyberLifeTV 11 месяцев назад

@@rj8183 normally just searching GRC Analyst on a website like Indeed will show many results. Be sure to read through the actual job descriptions because some companies have weird job titles for the roles. As far as certifications, entry level ones like sec+. It’s more important though for you to see what they ask for in the JD and then create a real life example for that. For example, they ask for PCI DSS experience. Look at some case studies and then on your resume that you don’t have the direct experience but you are knowledgeable about x,y, and z case studies.

@mauricecioccato9818 2 месяца назад

thank s for the video ,IS DLP analyst role well payed?

@CyberLifeTV 2 месяца назад

Compensation always depends on the company, location, experience, etc. Overall, much of the cybersecurity jobs are paying about 20% less than they did a few years ago, but here in the U.S. you can usually negotiate for other stuff like tuition assistance or more days off. If you're just looking at cybersecurity careers for the money, then I would recommend just focusing on sales jobs. People with experience in sales that work at larger cybersecurity companies are often making $250k-$400k.

@mauricecioccato9818 2 месяца назад

@CyberLifeTV thanks for your reply,I'm a network administrator in Europe and I m looking for to change my career in Europe,money are important but are not all..

@CyberLifeTV 2 месяца назад

@@mauricecioccato9818 it should be more money than as a net admin, but it depends on the company. I don’t know the market over there well. You could ping some local recruiters and get an idea of market rates from them.

@christievega2738 Год назад

Hi! I'm working as a manufacturer worker right now. Do I have a chance to go into this field?

@CyberLifeTV Год назад

Yes, many people getting into cybersecurity careers are career changers from manufacturing and other areas, like healthcare and transportation. The key is to identify your skills from manufacturing (e.g.- ability to follow a proven process for a desired outcome) and translate those to the job in cybersecurity that you want.

@christievega2738 Год назад

@@CyberLifeTV How can I start my journey to GRC analyst or compliance analyst?

@CyberLifeTV Год назад

@@christievega2738 CoalFire often hires entry level for GRC.

@christievega2738 Год назад

@@CyberLifeTV thanks