
Senior GRC Analyst
Jobgether • US
No Relocation
Posted: May 13, 2026
Job Description
- This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Senior GRC Analyst in the United States. This is an exciting opportunity for a governance, risk, and compliance professional to help shape and scale enterprise-wide security and risk programs in a fast-paced, remote-first technology environment. In this role, you will lead critical initiatives related to risk management, third-party security assessments, compliance operations, and AI governance, directly influencing how secure and responsible systems are designed and operated. You will collaborate with teams across engineering, product, legal, IT, and security to embed governance into everyday decision-making while building scalable processes that support innovation and growth. The position is ideal for someone who enjoys solving complex challenges, creating structure in evolving environments, and driving operational maturity through strategic thinking and cross-functional influence. With exposure to modern cloud technologies, emerging AI governance frameworks, and globally recognized compliance standards, this role offers strong career growth and meaningful impact.
- Accountabilities:
  - Lead the development and continuous improvement of enterprise risk management programs, including risk assessments, treatment planning, and risk register management.
  - Drive compliance initiatives aligned with frameworks such as SOC 2, ISO 27001, ISO 27701, ISO 42001, NIST 800-53, and GDPR.
  - Design and maintain unified control frameworks while identifying compliance gaps and supporting remediation efforts.
  - Conduct and coordinate internal audits, including evidence gathering, control testing, findings management, and external auditor collaboration.
  - Own third-party risk management processes, including vendor security assessments, due diligence reviews, and remediation tracking.
  - Establish AI governance policies, assessment methodologies, and operational controls to support responsible and compliant AI usage.
  - Partner with Engineering, Product, Legal, IT, and Security teams to integrate governance and risk management into operational workflows.
  - Develop compliance metrics, dashboards, and executive reporting to provide visibility into program maturity and organizational risk posture.
  - Support automation and monitoring strategies for compliance controls and governance processes across cloud and SaaS environments.
- Requirements:
  - 4 to 6 years of experience in Information Security, Governance, Risk, and Compliance (GRC) roles.
  - Proven experience building or managing enterprise risk management programs, including risk registers, assessments, and remediation planning.
  - Strong understanding of compliance frameworks and standards such as ISO 27001, SOC 2, NIST 800-53, GDPR, and related governance models.
  - Experience with third-party/vendor risk management and security assessment processes.
  - Familiarity with AI governance frameworks such as ISO 42001 or NIST AI RMF, or the ability to quickly adapt to emerging governance standards.
  - Knowledge of cloud platforms such as AWS, Azure, or GCP and the associated compliance and risk implications.
  - Excellent written and verbal communication skills with the ability to explain technical risk concepts to both technical and non-technical stakeholders.
  - Strong organizational and analytical skills with the ability to manage multiple initiatives in a fast-paced, remote-first environment.
  - Experience with GRC tools such as ServiceNow GRC, OneTrust, Anecdotes, or similar platforms is a plus.
  - Relevant certifications such as CRISC, CISA, CISSP, or CCSK are preferred.
- Benefits:
  - Flexible remote-first work environment designed to support work-life balance.
  - Competitive compensation package including equity opportunities.
  - Generous PTO policy encouraging personal time and well-being.
  - Quarterly wellness days and extended end-of-year wellness break.
  - Home office setup support and monthly technology stipend.
  - Paid parental leave program available after six months of employment.
  - Professional development support through training and conference stipends.
  - Access to comprehensive healthcare, retirement plans, and paid holidays (varies by location).
  - Inclusive and collaborative culture focused on innovation, growth, and continuous learning.
- How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!
- Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
- We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.