257 grc analyst jobs at 203 companies in United States
20h
Save
Mark Applied
Hide
20h
GRC Analyst
Norman, Oklahoma, United States
$46k-$60k/yrOnsiteFull Time
University of Oklahoma: A public research university in Norman, Oklahoma.
Bachelor's in Computer Science/IT or equivalent experience; knowledge of cybersecurity frameworks, risk assessments, GRC platforms, vulnerability scanning, strong communication and analytical skills.
São Paulo or Denver or Colombia or Argentina or Brazil or Costa Rica or United States
RemoteContract
AspenView: Provides nearshore software engineering and digital transformation services.
3+ YOE3+ years GRC experience; hands-on with GRC tools (Archer, LogicGate, ServiceNow GRC); familiarity with ISO 27001, SOC 2, NIST CSF, HIPAA, SOX; strong analytical and communication skills.
Fluidstack: Provides high-performance cloud GPU infrastructure for AI development.
Experienced in operating compliance controls and audits across SOC 2, ISO 27001, NIST 800-53 or FedRAMP; owning policy sets, evidence collection, and audit readiness on GRC platforms.
Vercel: Frontend cloud platform for building and hosting web applications.
3+ YOE3+ years supporting audit lifecycle in cloud environments; manage ISO/SOC/HIPAA/PCI compliance, collaborate with engineering, strong project management and communication; familiarity with cloud and GRC tools.
MACOMNASDAQ: MTSI: Designs and manufactures semiconductor products for communications infrastructure.
1+ YOEBachelor's in relevant field (or equivalent), 1–3 years information security/risk/compliance experience, knowledge of security frameworks, strong analytical and communication skills, and willingness to learn ServiceNow GRC.
ServiceNow GRC, NIST, ISO 27001, SOC2, CIS, ISO9001, ISO14001
Hayward HoldingsNYSE: HAYW: Manufacturer of residential and commercial swimming pool equipment.
3+ YOEBachelor's degree in Accounting, Information Systems, Cybersecurity or related; 3+ years SOX-focused GRC/audit experience; hands-on Varonis and SailPoint experience; strong ITGC/ICFR and audit evidence knowledge.
ModineNYSE: MOD: Manufactures thermal management systems and HVAC equipment.
5+ YOE5+ years in Information Security GRC, IT Audit, or IT Compliance with ITGC/SOX experience, GRC tool configuration, framework knowledge, strong process and project management skills.
San Francisco or New York City or Bangalore or United States or Europe
$130k-$175k/yrHybridFull Time
Mesh: Connecting digital wallets and exchanges for unified cryptocurrency payments.
3+ YOE3+ years hands-on GRC experience; familiarity with SOC 2, NIST, MiCA, Money Transmitter Licenses; BC/DR program experience; vendor risk assessments; control testing and remediation; strong communication and operationalization skills.
Ease: Mobile software for manufacturing plant floor audits and inspections.
3+ YOE3+ years in GRC/security compliance or IT audit; hands-on SOC 2/ISO 27001/HIPAA work; cloud (AWS/Azure/GCP) familiarity; vendor assessments; Jira; strong written communication; authorized to access CUI (US citizen or permanent resident).
SOC 2, CMMC, ISO 27001, HIPAA, NIST 800-171, DFARS 252.204-7012, FedRAMP, NIST AI RMF, System Security Plan (SSP), C3PAO, Drata, Vanta, Hyperproof, Secureframe, Jira, AWS, Azure, GCP, EASE
United States or Canada or United Kingdom or Philippines or Romania
$81k-$121k/yrRemoteFull Time
Payscale: Provides compensation management software and data-driven salary insights.
2+ YOEBachelor's in cybersecurity or information systems,2-4 years GRC experience in SaaS,knowledge of SOC 2/ISO27001/NIST/CIS,data classification,vendor assessments,audit support,GRC tools,strong communication.
5+ YOEBachelor's or equivalent,5+ years GRC/IT risk/compliance experience,knowledge of ISO27001/CMMC/NIST/NYDFS,SOC2 experience preferred,proficiency with GRC platforms and Microsoft Teams/PowerPoint/Excel,CISA/CISM/CISSP/CRISC.
Microsoft Teams, Microsoft PowerPoint, Microsoft Excel
Morgan & Morgan: Provides legal representation for personal injury and consumer litigation.
4+ YOE4+ years in GRC/IT audit/compliance/information security; hands-on GRC platform experience (Vanta preferred); strong knowledge of ISO 27001, NIST CSF, CIS v8.1; ISC2 or ISACA certification required; experience leading audits and vendor risk assessments.
Benepass: Platform for distributing and managing flexible employee benefits.
5+ YOE5+ years in GRC, information security, IT audit or risk management; hands-on SOC 2, ISO 27001/HITRUST; policy, evidence & audit readiness; strong communication.
Kokosing: Provides heavy civil, industrial, and marine construction services.
5+ YOE5+ years GRC/cybersecurity experience; knowledge of CMMC and NIST 800-171; strong risk management, policy and vendor risk experience; ability to influence stakeholders and support audits and data governance.
News CorpNASDAQ: NWSA: Provides global news, information, and digital media services.
3+ YOE3+ years in cyber security/GRC, experience with PCI DSS, NIST CSF, ISO 27001, AWS; supports audits, risk assessments, and third‑party security reviews; professional security certifications preferred.
Black & Veatch: Provides engineering, procurement, and construction services for global infrastructure.
2+ YOEBachelor's in IT/CS or equivalent experience; 2+ years in GRC; experience with risk assessment frameworks (NIST CSF, ISO 27001, SOC), ServiceNow Risk Management, and enterprise cyber/compliance risk practices; CRISC/CISSP preferred.