Senior Governance, Risk and Compliance Analyst

Location: Tampa, FL

Job Posted: Apr 28, 2024
Company: Trulieve

Company & Role Overview


"Trulieve Grows One Patient at a Time"

Requisition ID:

Remote Work Available:

Senior Governance, Risk and Compliance (GRC) Analyst



Reports to:

FLSA Status:

Role Summary:

Key Responsibilities:

  • Develop, implement and maintain the GRC framework, policies, procedures and tools for the organization.
  • Conduct risk assessments and audits to identify, evaluate and report on the GRC risks and controls.
  • Provide recommendations and action plans to address the gaps and issues identified in the risk assessments and audits.
  • Monitor and report on the GRC performance and status of the organization and escalate any issues or incidents to the senior management and relevant authorities.
  • Facilitate and support the GRC awareness and training programs for the organization.
  • Manage and coordinate the GRC projects and initiatives, and ensure that they are delivered on time, within budget and scope, and meet the quality standards and expectations.
  • Collaborate and communicate with the business units and functions, and external parties such as auditors, consultants, and vendors on GRC matters.
  • Research and keep abreast of the latest trends, developments, and best practices in the GRC domain, and provide insights and recommendations to the organization.


  • Perform daily GRC tasks and activities, such as reviewing and updating the GRC documentation, conducting risk analysis and testing, preparing and submitting the GRC reports, and responding to the GRC queries and requests.
  • Lead and guide junior GRC team members and provide coaching and feedback.
  • Manage and resolve the GRC issues and incidents and ensure that the root causes are identified and remediated.
  • Participate in and contribute to the GRC meetings, committees and forums, and present the GRC findings and recommendations.
  • Support and assist the GRC manager in the GRC strategy and planning, and the GRC budget and resource allocation.

Skills and Qualifications:

  • Bachelor's degree in business, finance, accounting, information technology, or related field, or equivalent work experience.
  • Four (4) or more years of experience in GRC or related roles, preferably in a large and complex organization.
  • Strong knowledge and understanding of the GRC principles, standards, frameworks, and methodologies (ISO, NIST, etc.).
  • Experience supporting and implementing some of the following risk regulations: SOX, HIPAA, PCI, or other compliance and privacy standards.
  • Excellent analytical, problem-solving and decision-making skills, and ability to handle complex and ambiguous situations.
  • Strong communication, presentation and interpersonal skills, and ability to influence and persuade others.
  • High level of integrity, ethics and professionalism, and ability to maintain confidentiality and discretion.
  • Capable of using GRC software and tools, risk management systems, and audit management systems (e.g. AuditBoard).
  • Detail-oriented, organized, and self-motivated, and able to work independently and as part of a team.

Certification (Optional):

  • CRISC, CISA, CGEIT, CISM, Security+, or other security-related certifications are a plus.

Work Schedule:

  • 40+ hours weekly with flexible hours depending on department needs.

Equal Opportunity Employer | Trulieve Supports a Drug Free Workplace

Nearest Major Market:


About Trulieve