Senior GRC Risk Analyst

Are you passionate about cybersecurity and protecting critical infrastructure? Join MISO as a Senior GRC Risk Analyst, where you will play a key role in safeguarding the power grid by identifying, assessing, and mitigating cybersecurity risks.  In this role, you'll be central to MISO’s risk management efforts. You will identify and track risks, support and monitor mitigation activities, and assess third‑party risk. Your work will form the risk‑based foundation for broader cybersecurity functions across the organization.  This position is highly cross‑functional and collaborative, giving you the opportunity to work closely with teams across MISO to strengthen and protect critical systems.

What you’ll do as our Senior GRC Risk Analyst:

• Recommend and support risk mitigation strategies to address identified risks.
• Work collaboratively across teams to proactively identify, evaluate, and mitigate cybersecurity risks.
• Ensure risk management activities align with industry best practices, including NIST 800‑37.
• Serve as a cybersecurity Subject Matter Expert (SME), advising business and technology teams on identifying, prioritizing, and communicating risks.
• Build, maintain, and continuously improve the organization’s third‑party risk management framework.
• Evaluate third‑party vendors’ cybersecurity controls, practices, and overall risk posture through detailed assessments.
• Identify and assess cybersecurity risks associated with vendor and partner relationships.
• Work closely with procurement, legal, and compliance teams to ensure vendor contracts include appropriate and enforceable security requirements.
• Provide guidance, consultation, and training to internal stakeholders on effective risk management and mitigation approaches.

Skills needed for our Senior GRC Risk Analyst:

• Bachelor's degree in Information Security, Cybersecurity, Risk Management, or a related field. Advanced degree preferred.
• Experience: 5+ years experience in cybersecurity risk management, or related fields.
• Strong background in vendor risk assessments and risk management methodologies.
• Demonstrated strong strategic thinking and ownership by independently prioritizing work, addressing underlying problems, producing detail‑oriented deliverables, and understanding how daily actions align to broader organizational goals.
  • Strong knowledge of risk management frameworks, such as:
  • NIST Cybersecurity Framework (CSF)
  • NIST 800-37 Control Framework; NIST 800-53
• Certifications that are a plus: CRISC, CISSP, CISA, CISM

Appropriate level will be determined based upon experience and knowledge.

Transformative innovation is happening in the electric industry, from digitalizing homes and distributed resources to renewable energy and an ever-changing grid. MISO manages the electricity superhighway in the Central U.S. and through use of groundbreaking research and advanced technology, our highly skilled employees ensure power flows reliably to 45 million Americans. Operating the electricity grid, running a robust energy market, planning for a bright future – it’s what our immensely hardworking and dedicated team does every day.
The base salary compensation range being offered for this role is $105,000 - $130,000 USD annually.  Base salary range for this position is included in accordance with requirements of various state/local pay transparency legislation. Please note that salaries may vary for different individuals in the same role based on several factors, including but not limited to location of the role, individual competencies, education/professional certifications, and qualifications/experience. 

Position is also eligible for an annual bonus if individual performance and company objectives are met.  At MISO we offer a comprehensive benefits package, including 401k, vacation, sick and safe time, available on your first day of employment.
#DiscoverMISO #MISOCareers #lifeatMISO #weareMISO
MISO, What We Do