GRC Analyst - Remote

Overview

The GRC Analyst supports the organization’s governance, risk, and compliance programs by identifying and assessing risk, ensuring adherence to regulatory frameworks, and maintaining internal policies and controls. This role plays a critical part in safeguarding company assets, protecting sensitive data, and promoting operational integrity in alignment with legal and industry standards.

In Short

• Conduct ongoing risk reviews and maintain an up-to-date risk register
• Support risk assessments across critical business processes and systems
• Partner with stakeholders to develop and track risk mitigation plans through resolution
• Assist in building risk metrics and reporting for executive-level visibility
• Monitor adherence to relevant regulatory frameworks and internal controls
• Support audit readiness by coordinating evidence collection and documentation
• Partner with cross-functional teams to ensure successful audit outcomes with no material findings
• Review and update GRC-related policies on a regular cadence
• Support or lead compliance and security training initiatives
• Develop and distribute awareness materials on key compliance topics

Requirements

• Bachelor’s degree in Business, Information Security, Risk Management, or related field (or equivalent experience)
• 3-5 years of experience in GRC, risk management, compliance, or audit-related roles
• Familiarity with common compliance frameworks (e.g., SOC 2, ISO 27001, HIPAA, FedRAMP)
• Strong organizational skills with attention to detail and follow-through
• Act as a highly collaborative partner across internal teams and external stakeholders, demonstrating strong consultative and relationship-building skills

Benefits

• Unlimited PTO policy
• Competitive medical, dental, and vision healthcare coverage
• 401k matching
• Paid holidays
• Volunteer time off
• Paid parental leave
• Remote work stipend