Governance, Risk, and Compliance Analyst at Open Dealer Exchange – Southfield, Michigan

Open Dealer Exchange (ODE) is seeking Governance, Risk & Compliance (GRC) Analyst II to support its workforce in Southfield, MI. As a GRC Analyst II, you will support the organization’s data governance, data loss prevention (DLP) controls, privacy, and AI initiatives by improving visibility, accountability, and control over enterprise data assets. This role requires a highly independent, self-directed professional who can take ownership of data governance programs and drive initiatives forward with minimal oversight. The ideal candidate will have experience in data governance, DLP controls, and Microsoft Purview.

Open Dealer Exchange is a dynamic, exciting place to work. We hire exceptional people and every one of them is empowered to think independently, to take the initiative as an employee and to be innovative. Open Dealer Exchange offers a hybrid work model as well as an excellent compensation/benefit package.

Key Responsibilities

• Lead and maintain an enterprise data inventory using Microsoft Purview, ensuring accurate metadata, data lineage, and documentation.
• Establish data ownership and stewardship by onboarding data owners and stewards into governance processes.
• Develop and maintain data flow diagrams to document how data moves across systems and business processes.
• Proactively identify data-related risks and recommend governance, privacy, and security improvements.
• Ensure the organization follows data retention?schedules and destruction requirements, in alignment with Legal.
• Ensure the organization follows data retention schedules and destruction requirements, in alignment with Legal.
• Implement and monitor governance and compliance controls within Microsoft Purview, including sensitivity labels, DLP policies, and retention controls.
• Monitor, triage, and respond to DLP alerts across email, endpoints, cloud applications, and collaboration tools.
• Support the Data Governance Committee through meeting coordination, documentation, and follow-up actions.
• Update, enhance, and enforce data governance policies, ensuring clear standards for data classification, protection controls, and acceptable data usage across the organization.
• Support the organization’s AI governance program by tracking AI initiatives, identifying risks, and recommending appropriate safeguards.

2-4 years of experience minimum in data governance, DLP, data privacy, information governance, or related disciplines.

Demonstrated hands-on experience with enterprise data governance or data protection platforms, including data discovery and cataloging, sensitive data classification, data lineage, and information protection controls.

Demonstrated experience integrating enterprise data governance or security platforms with source systems, including pulling metadata, classifications, or telemetry via APIs, connectors, or automated ingestion mechanisms.

Demonstrated experience creating and maintaining end-to-end data flow diagrams that document how data moves across systems, applications, and business processes, with the ability to identify risk, control gaps, and dependencies.

Ability to collaborate effectively with both technical and non-technical stakeholders.

Will accept any suitable combination of education, training, or experience.

Desired Skills

• Bachelor’s degree in information systems, data management, computer science, or a related field preferred
• Hands-on experience with Microsoft Purview, including data cataloging, classification, data lineage, or information protection.
• Familiarity with Microsoft 365, Azure security, and compliance tools
• Experience with GRC or audit platforms such as AuditBoard.
• Knowledge of AI governance concepts and emerging data risk management practices.
• Relevant certifications such as CDMP, Azure Fundamentals, Azure Data, or Microsoft Information Protection training.