18 grc analyst jobs at 12 companies in Everett, MA
1mo
Save
Mark Applied
Hide
1mo
GRC Analyst
Lowell, Massachusetts, United States
$78k-$125k/yrOnsiteFull Time
MACOMNASDAQ: MTSI: Designs and manufactures semiconductor products for communications infrastructure.
1+ YOEBachelor's in relevant field (or equivalent), 1–3 years information security/risk/compliance experience, knowledge of security frameworks, strong analytical and communication skills, and willingness to learn ServiceNow GRC.
ServiceNow GRC, NIST, ISO 27001, SOC2, CIS, ISO9001, ISO14001
WHOOP: Providing wearable health trackers and physiological performance analytics.
2+ YOE2+ years GRC experience, knowledge of ISO 27001, NIST CSF, COSO, SOC 2, PDI-DSS, bachelor’s degree, strong organizational and communication skills.
WHOOP: Wearable technology for personalized health and performance tracking.
6+ YOE6+ years in cybersecurity or enterprise risk; experience conducting structured cyber/IT risk assessments, maintaining risk registers, familiarity with security frameworks and AI risk; strong communication and analysis skills.
NIST CSF, ISO 27001, PCI DSS, GDPR, HIPAA, NIST AI RMF, ISO/IEC 42001, FAIR
WHOOP: Providing wearable health trackers and physiological performance analytics.
6+ YOE6+ years in cybersecurity or enterprise risk management, experience conducting structured cyber/IT and AI risk assessments, maintaining risk registers, familiarity with NIST/ISO/PCI/GDPR/HIPAA, and strong communication skills.
NIST CSF, ISO 27001, PCI DSS, GDPR, HIPAA, NIST AI RMF, ISO/IEC 42001, FAIR
Boston Medical Center: Provides specialized medical care and academic healthcare training.
6+ YOE6+ years information security experience focused on governance, risk, and compliance; bachelor’s preferred; certifications such as CISA/CRISC/CISSP preferred; knowledge of NIST CSF 2.0, HIPAA/HITECH; strong data analysis and communication skills.
Microsoft Excel, Microsoft SharePoint, NIST CSF 2.0, HIPAA, HITECH
DigitalOceanNew York Stock Exchange: DOCN: Simplifies cloud infrastructure for developers, startups, and SMBs.
5+ YOE5+ years GRC experience with multi-standard programs (ISO 27001/27017/22301), familiarity with SOC 2 and HIPAA, risk assessment and remediation, control design, policy authoring, and cross-functional project management.
Watts Water TechnologiesNYSE: WTS: Manufactures water flow control and water quality products.
3+ YOEBachelor's or equivalent; 3+ years IT compliance/internal audit/GRC experience; working knowledge of ITGCs and SOX; experience with GRC/audit platforms; strong communication and organizational skills.
Optro (AuditBoard), ServiceNow GRC, Archer, MetricStream, Jira, Microsoft Power Automate, SQL, Python, APIs
Citizens Financial GroupNYSE: CFG: Provides retail, commercial, and private banking services to customers.
3+ YOEBachelor's in IT/Cybersecurity/Business required; 3+ years in IT/security/risk/internal audit; familiarity with control frameworks, GRC and ITSM tools; strong communication, analytical, and documentation skills.
Archer, ServiceNow, Jira, Microsoft Excel, Microsoft Word, Microsoft PowerPoint, AWS, Azure, NIST 800-53, NIST Cybersecurity Framework, CRI Profile, COBIT, ITIL
Senior Analyst, IT Internal Controls & SOX Compliance
San Francisco or Salt Lake City or Phoenix or Los Angeles or Chicago or Boston or Austin or New York City or Miami or Tampa or Atlanta or Columbus or Boise or San Diego or Minneapolis or Houston or Raleigh or Nashville or Kansas City or Charlotte or Portland or Philadelphia or Dallas or Washington D.C. or Seattle
$113k-$148k/yrRemoteFull Time
CircleNYSE: CRCL: Digital currency issuer and blockchain financial infrastructure provider.
4+ YOE4+ years Big 4 IT audit/controls experience, Bachelor's in related field, CPA/CISA/CIA/CISSP required; strong SOX/ITGC knowledge, cloud/SaaS/SDLC/IAM experience, ERP/GRC familiarity, and stakeholder communication skills.
Slack, Apple MacOS, Google Workspace, ERP, GRC, AI
WHOOP: Providing wearable health trackers and physiological performance analytics.
6+ YOE6+ years in GRC with experience assessing AI/ML risks, third-party/vendor risk management, policy development, audit support, and mapping controls to industry frameworks; bachelor’s degree preferred.
ISO/IEC 42001, NIST Cybersecurity Framework, NIST AI Risk Management Framework, EU AI Act, GDPR, PCI DSS
WHOOP: Wearable technology for personalized health and performance tracking.
6+ YOE6+ years in GRC with AI/ML risk assessment, third-party risk management, policy development, audit coordination, and mapping controls to standards; bachelor’s degree in related field.
ISO/IEC 42001, NIST Cybersecurity Framework, NIST AI Risk Management Framework, EU AI Act, GDPR, PCI DSS, LLM
10+ YOE10+ years in IT risk/audit/GRC, experience with RCSAs/KRIs, vendor risk/SOC reviews, strong writing and communication, knowledge of NIST/COSO/COBIT and US/global regulations; professional certs a plus.
QuanterixNASDAQ: QTRX: Developing digital immunoassay technology for ultra-sensitive protein detection.
5+ YOE5+ years IT compliance/risk, SOX/NIST/ISO knowledge; bachelor’s in IS/cybersecurity/accounting or related; strong documentation and audit support skills.
United States or San Francisco or San Jose or New York City or Chicago or Austin or Denver or Boston or Washington or Philadelphia or Portland or Seattle or Miami or California or Alaska or Delaware or Hawaii or Idaho or Iowa or Montana or Nebraska or North Dakota or Rhode Island or South Dakota or West Virginia
$165k-$233k/yrRemoteFull Time
Calendly: Scheduling automation platform for managing meetings and appointments.
5+ YOE5+ years in compliance/GRC in a technology/SaaS environment; SOC 2 and ISO 27001 experience; knowledge of NIST, GDPR, HIPAA; experience with compliance automation platforms and UARs; strong project management and communication.
Fidelity Investments: Provides investment management, retirement planning, and brokerage services.
3+ YOEBachelor's +5 yrs or Master's +3 yrs in IT/IS; experience performing IT audits, risk assessments, and cybersecurity control reviews; expertise with SOC/ISO/NIST frameworks, cloud, DevOps, and related audit tools.