Posted May 02, 2026
Risk & Compliance Analyst
Performance Food Group
Cheney Brothers Corp 1875 ,United States
Full Time
Reference: PerformanceFoodGroup1406458
Job Description
We Deliver the Goods:- Competitive pay and benefits, including Day 1 Health & Wellness Benefits, Employee Stock Purchase Plan, 401K Employer Matching, Education Assistance, Paid Time Off, and much more
- Growth opportunities performing essential work to support America’s food distribution system
- Safe and inclusive working environment, including culture of rewards, recognition, and respect
The Risk and Compliance Analyst supports the organization's enterprise risk management and compliance efforts by identifying, assessing, and monitoring risks across IT and business operations. This role plays a key part in maintaining effective control environments, supporting regulatory and audit requirements, and enhancing overall risk visibility. Working cross-functionally with IT, cybersecurity, and business stakeholders, the analyst helps ensure compliance with applicable frameworks while contributing to proactive risk mitigation and continuous improvement of processes.
Major Functional Responsibilities:
- Support enterprise risk and compliance programs across IT and business functions
- Assist in identifying, assessing, and documenting risks, including evaluating likelihood and impact
- Maintain and update risk registers, control inventories, and compliance documentation
- Support compliance efforts for frameworks such as SOX, ISO 27001, SOC 1 & 2, and other regulatory requirements
- Perform control testing activities, including IT general controls (ITGC) and IT application controls (ITAC)
- Coordinate audit activities by gathering evidence, tracking requests, and supporting auditor inquiries
- Monitor and track remediation efforts, ensuring timely resolution of identified issues
- Assist in third-party risk management processes, including vendor risk assessments and reviews
- Support user access reviews and certification processes to ensure appropriate access controls
- Partner with IT and cybersecurity teams to support risk mitigation and control effectiveness
- Prepare reports and dashboards summarizing risk exposure, compliance status, and remediation progress
- Provide guidance to business stakeholders on risk and compliance requirements
- Performs other duties as assigned
- Complies with all policies and standards
EEO Statement
Performance Food Group and/or its subsidiaries (individually or collectively, the "Company") provides equal employment opportunity (EEO) to all applicants and employees, regardless of race, color, national origin, sex, marital status, pregnancy, sexual orientation, gender identity, religion, age, disability, genetic information, veteran status, and any other characteristic protected by applicable local, state and federal laws and regulations. Please click on the following links to review: (1) our EEO Policy; (2) the "EEO is the Law" poster and supplement; and (3) the Pay Transparency Policy Statement.Required Qualifications
Work Experience• 1 - 3 Years Experience in risk management, compliance, IT audit, or a related field
Required Qualifications
• Familiarity with risk and compliance frameworks such as SOX, ISO 27001, NIST, HIPAA, PCI, or GDPR
• Understanding of risk assessment methodologies and basic risk analysis concepts (likelihood, impact, mitigation)
• Knowledge of IT controls, including ITGCs and ITACs
• Experience supporting audits, compliance reviews, or risk assessments
• Exposure to GRC or IAM tools (e.g., ServiceNow, Archer, CyberArk, Saviynt) preferred
• Strong analytical, organizational, and communication skills
Preferred Qualifications
Preferred Qualifications• Exposure to GRC or IAM tools (e.g., ServiceNow, Archer, CyberArk, Saviynt) preferred
