Cybersecurity Analyst (Governance, Risk, and Compliance) – Volunteer Role

The Donovan's Venom, INC. Is a non-profit 501(c)(3) tax exempt organization dedicated to taking music, art, and entertainment to those who need it the most. The Donovan's Venom, INC. Caters to no particular individual(s) yet pledges relief to impaired or deprived individuals who are in need of musical,visual, comedic, and-or any alternative forms of liberation-through fine art & entertainment. The Donovan's Venom INC. Gives its resources to individuals who don't have the means or access.

,

Cybersecurity Analyst (Governance, Risk, and Compliance – GRC)

The Donovan’s Venom

Remote | Technology – Information Security | Volunteer

We’re Building — And It Must Be Governed

The Donovan’s Venom is growing.

Systems.

Platforms.

Processes.

But growth without structure creates risk.

We are seeking a Cybersecurity Analyst (GRC) to define policies, assess risk, and ensure security is consistently applied across the organization.

Because security isn’t just technical.

It’s how the organization operates every day.

The Role

This role is responsible for supporting the organization’s security governance framework, ensuring policies, controls, and processes are clearly defined, followed, and continuously improved.

You will assess risk, monitor compliance, and ensure accountability across teams.

You are not just documenting policies.

You are building a structured, risk-aware organization.

This role operates at the intersection of security, compliance, and operations, ensuring alignment between standards and execution.

What You’ll Own

Governance Framework & Policy Development

• Develop and maintain cybersecurity policies and procedures
• Establish governance frameworks for security practices
• Ensure consistent application across the organization
  

Risk Assessment & Management

• Identify and assess risks across systems and processes
• Prioritize risks based on impact and likelihood
• Recommend mitigation strategies and track progress
  

Compliance Monitoring & Assurance

• Ensure adherence to
• Internal policies
• Security standards and best practices
• Identify gaps and recommend corrective actions
  

Audit Support & Readiness

• Support internal and external audits
• Maintain documentation and evidence
• Conduct readiness assessments and gap analyses
  

Security Control Documentation & Validation

• Document and validate security controls
• Ensure controls are implemented and effective
• Align controls with governance requirements
  

Third-Party & Vendor Risk

• Assess risks related to vendors and external systems
• Review security practices of third-party tools
• Recommend mitigation strategies
  

Cross-Functional Collaboration

• Partner with
• Information Security
• IT Operations
• Engineering teams
• Ensure governance requirements are integrated into workflows
  

Security Awareness & Policy Support

• Support development of security awareness initiatives
• Help ensure teams understand and follow policies
• Promote a culture of accountability
  

Reporting & Risk Visibility

• Track and report on
• Risk levels
• Compliance status
• Audit readiness
• Provide insights and recommendations to leadership
  

Continuous Improvement

• Improve governance and compliance processes
• Strengthen risk management frameworks
• Stay updated on evolving standards and practices
  

Who This Is For

This role is for someone who

• Thinks in structure, risk, and accountability
• Is highly organized and detail-oriented
• Understands how policies translate into real-world execution
• Can work across teams to enforce consistency
• Wants to build a secure and compliant organization
  

Qualifications

Required

• 1–3 years of experience in cybersecurity, risk, compliance, or related roles
• Basic understanding of
• Governance frameworks
• Risk assessment methodologies
• Compliance principles
  

Preferred

• Experience with
• Security policies and documentation
• Risk and compliance processes
• Familiarity with frameworks (NIST, ISO, or similar)
• Certifications (Security , CISA, CRISC – preferred but not required)
• Experience in nonprofit or mission-driven environments
  

Commitment

• 8–12 hours per week
• Flexible schedule (aligned with governance and compliance activities)
• Fully remote
  

What You’ll Gain

• Hands-on experience in governance, risk, and compliance
• Exposure to real-world security frameworks and audits
• Opportunity to shape organizational security practices
• Development in risk analysis and policy design
  

Application Requirements (Read Carefully)

We are building — and structuring in real time.

To ensure alignment

• You must be able to start within 14 days
• You must complete the full application
• You must be ready to support governance and compliance efforts
  

Important Disclaimer

This is a volunteer role.

We are onboarding individuals who are ready to contribute immediately.

Please only apply if you are prepared to begin within the next 14 days.