Grc Analyst Jobs
Grc Analyst jobs are open across financial services, healthcare, technology, and government contracting, from entry-level to senior and lead roles, with specializations in compliance program management, enterprise risk frameworks, and IT security governance. Find a role that fits from the openings below and apply directly.
Find Grc Analyst JobsOverview
Showing 5 of 28+ Grc Analyst jobs
Company Overview:
MACOM designs and manufactures semiconductor products for Data Center, Telecommunication, and Industrial and Defense applications. Headquartered in Lowell, Massachusetts, MACOM has design centers and sales offices throughout North America, Europe, and Asia. MACOM is certified to the ISO9001 international quality standard and ISO14001 environmental management standard.
MACOM has more than 75 years of application expertise with multiple design centers, Si, GaAs, and InP fabrication, manufacturing, assembly and test, and operational facilities throughout North America, Europe, and Asia. In addition, MACOM offers foundry services that represents a key core competency within our business.
MACOM sells and distributes products globally via a sales channel comprised of a direct field sales force, authorized sales representatives, and leading industry distributors. Our sales team is trained across all of our products to give our customers insights into our entire portfolio.
Position Overview:
We are seeking a motivated and detail-oriented GRC Analyst to join our Information Security team. This role will support the organization’s governance, risk, and compliance initiatives, focusing on regulatory and framework alignment, third-party risk management, risk lifecycle processes, and policy governance.
The ideal candidate will have foundational knowledge of information security principles, strong analytical skills, and a willingness to learn and grow within the GRC space, especially in platforms such as ServiceNow GRC.
Key Responsibilities
Compliance & Framework Support
- Assist in the implementation, maintenance, and monitoring of compliance frameworks (e.g., NIST, ISO 27001, SOX, SOC2, CIS, etc.)
- Support internal and external audit activities, including evidence collection and control validation
- Track and report on compliance status, gaps, and remediation efforts
Third-Party Risk Management (TPRM)
- Conduct vendor risk assessments and due diligence reviews
- Analyze third-party security posture and identify potential risks
- Maintain vendor inventory and track risk treatment activities
- Collaborate with business owners to ensure appropriate risk mitigation
Risk Management
- Support the execution of the Information Security risk management lifecycle
- Assist with risk identification, assessment, documentation, and tracking
- Help maintain risk registers and ensure risks are properly escalated and monitored
- Partner with stakeholders to support risk remediation planning
Policy Governance
- Assist in drafting, reviewing, and maintaining information security policies, standards, and procedures
- Facilitate policy review cycles, approvals, and documentation updates
- Ensure alignment with regulatory requirements and industry best practices
GRC Tooling & Process Support
- Support and learn the administration and use of ServiceNow GRC
- Assist in configuring workflows, tracking activities, and improving GRC processes
- Help identify opportunities for automation and process optimization
Qualifications
Required
- Bachelor’s degree in Information Security, Cybersecurity, IT, or related field (or equivalent experience)
- 1–3 years of experience in information security, risk, compliance, or audit (internships acceptable)
- Basic understanding of security frameworks and regulatory requirements
- Strong analytical, organizational, and documentation skills
- Excellent written and verbal communication skills
Preferred
- Exposure to frameworks such as NIST, ISO 27001, SOC 2, or CIS
- Security or compliance certifications (e.g., CISM, CRISC, CISSP, CGEIT, or CISA).
- Experience with third-party risk management processes
- Familiarity with risk management concepts and methodologies
- Exposure to GRC tools (ServiceNow GRC preferred, but not required)
Key Competencies
- Detail-oriented with strong follow-through
- Ability to manage multiple priorities and deadlines
- Collaborative mindset with cross-functional teams
- Curiosity and willingness to learn new tools and frameworks
- Strong problem-solving and critical-thinking skills
Why Join Us
- Opportunity to grow within a maturing GRC program
- Exposure to a wide range of security, compliance, and risk disciplines
- Hands-on experience with industry-standard tools like ServiceNow GRC
- Collaborative and supportive team environment
EEO:
MACOM is an Equal Opportunity Employer committed to a diverse workforce. MACOM will not discriminate against any worker or job applicant on the basis of race, color, religion, sex, gender identity, sexual orientation, national origin, age, disability, genetic information, veteran status, military service, marital status, or any other category protected under applicable law.
Reasonable Accommodation:
MACOM is committed to working with and providing reasonable accommodations to qualified individuals with physical and mental disabilities. If you have a disability and are in need of a reasonable accommodation with respect to any part of the application process, please call +1-978-656-2500 or email HR_Ops@MACOM.com. Provide your name, phone number and the position title and location in which you are interested, and nature of accommodation needed, and we will get back to you. We also work with current employees who request or need reasonable accommodation in order to perform the essential functions of their jobs.
ITAR
Due to ITAR regulations, only candidates who are U.S. Persons (U.S. citizens, U.S. nationals, lawful permanent residents, or individuals granted asylum or refugee status) will be considered for this position.
RSU Eligible
This position is eligible to receive restricted stock unit (RSU) awards and cash bonuses, solely at MACOM’s discretion, subject to individual and company performance.
Salary Range
The Salary Range for this position is $78,000 – $125,000. Actual salary offered to candidate will depend on several factors, including but not limited to, work location, relevant candidates’ experience, education, and specific knowledge, skills, and abilities.
Benefits: This position offers a comprehensive benefits package including but not limited to:
- Health, dental, and vision insurance.
- Employer-sponsored 401(k) plan.
- Paid time off.
- Professional development opportunities.
Company Overview:
MACOM designs and manufactures semiconductor products for Data Center, Telecommunication, and Industrial and Defense applications. Headquartered in Lowell, Massachusetts, MACOM has design centers and sales offices throughout North America, Europe, and Asia. MACOM is certified to the ISO9001 international quality standard and ISO14001 environmental management standard.
MACOM has more than 75 years of application expertise with multiple design centers, Si, GaAs, and InP fabrication, manufacturing, assembly and test, and operational facilities throughout North America, Europe, and Asia. In addition, MACOM offers foundry services that represents a key core competency within our business.
MACOM sells and distributes products globally via a sales channel comprised of a direct field sales force, authorized sales representatives, and leading industry distributors. Our sales team is trained across all of our products to give our customers insights into our entire portfolio.
Position Overview:
We are seeking a motivated and detail-oriented GRC Analyst to join our Information Security team. This role will support the organization’s governance, risk, and compliance initiatives, focusing on regulatory and framework alignment, third-party risk management, risk lifecycle processes, and policy governance.
The ideal candidate will have foundational knowledge of information security principles, strong analytical skills, and a willingness to learn and grow within the GRC space, especially in platforms such as ServiceNow GRC.
Key Responsibilities
Compliance & Framework Support
- Assist in the implementation, maintenance, and monitoring of compliance frameworks (e.g., NIST, ISO 27001, SOX, SOC2, CIS, etc.)
- Support internal and external audit activities, including evidence collection and control validation
- Track and report on compliance status, gaps, and remediation efforts
Third-Party Risk Management (TPRM)
- Conduct vendor risk assessments and due diligence reviews
- Analyze third-party security posture and identify potential risks
- Maintain vendor inventory and track risk treatment activities
- Collaborate with business owners to ensure appropriate risk mitigation
Risk Management
- Support the execution of the Information Security risk management lifecycle
- Assist with risk identification, assessment, documentation, and tracking
- Help maintain risk registers and ensure risks are properly escalated and monitored
- Partner with stakeholders to support risk remediation planning
Policy Governance
- Assist in drafting, reviewing, and maintaining information security policies, standards, and procedures
- Facilitate policy review cycles, approvals, and documentation updates
- Ensure alignment with regulatory requirements and industry best practices
GRC Tooling & Process Support
- Support and learn the administration and use of ServiceNow GRC
- Assist in configuring workflows, tracking activities, and improving GRC processes
- Help identify opportunities for automation and process optimization
Qualifications
Required
- Bachelor’s degree in Information Security, Cybersecurity, IT, or related field (or equivalent experience)
- 1–3 years of experience in information security, risk, compliance, or audit (internships acceptable)
- Basic understanding of security frameworks and regulatory requirements
- Strong analytical, organizational, and documentation skills
- Excellent written and verbal communication skills
Preferred
- Exposure to frameworks such as NIST, ISO 27001, SOC 2, or CIS
- Security or compliance certifications (e.g., CISM, CRISC, CISSP, CGEIT, or CISA).
- Experience with third-party risk management processes
- Familiarity with risk management concepts and methodologies
- Exposure to GRC tools (ServiceNow GRC preferred, but not required)
Key Competencies
- Detail-oriented with strong follow-through
- Ability to manage multiple priorities and deadlines
- Collaborative mindset with cross-functional teams
- Curiosity and willingness to learn new tools and frameworks
- Strong problem-solving and critical-thinking skills
Why Join Us
- Opportunity to grow within a maturing GRC program
- Exposure to a wide range of security, compliance, and risk disciplines
- Hands-on experience with industry-standard tools like ServiceNow GRC
- Collaborative and supportive team environment
EEO:
MACOM is an Equal Opportunity Employer committed to a diverse workforce. MACOM will not discriminate against any worker or job applicant on the basis of race, color, religion, sex, gender identity, sexual orientation, national origin, age, disability, genetic information, veteran status, military service, marital status, or any other category protected under applicable law.
Reasonable Accommodation:
MACOM is committed to working with and providing reasonable accommodations to qualified individuals with physical and mental disabilities. If you have a disability and are in need of a reasonable accommodation with respect to any part of the application process, please call +1-978-656-2500 or email HR_Ops@MACOM.com. Provide your name, phone number and the position title and location in which you are interested, and nature of accommodation needed, and we will get back to you. We also work with current employees who request or need reasonable accommodation in order to perform the essential functions of their jobs.
ITAR
Due to ITAR regulations, only candidates who are U.S. Persons (U.S. citizens, U.S. nationals, lawful permanent residents, or individuals granted asylum or refugee status) will be considered for this position.
RSU Eligible
This position is eligible to receive restricted stock unit (RSU) awards and cash bonuses, solely at MACOM’s discretion, subject to individual and company performance.
Salary Range
The Salary Range for this position is $78,000 – $125,000. Actual salary offered to candidate will depend on several factors, including but not limited to, work location, relevant candidates’ experience, education, and specific knowledge, skills, and abilities.
Benefits: This position offers a comprehensive benefits package including but not limited to:
- Health, dental, and vision insurance.
- Employer-sponsored 401(k) plan.
- Paid time off.
- Professional development opportunities.
See All Grc Analyst Jobs
Jump back to the full list of openings and apply to any grc analyst role that fits.
Find Grc Analyst JobsGrc Analyst Job Market
A snapshot from current openings nationwide, updated as new roles post.
Who's Hiring
- Anthropic3
- Clayco3
- Fidelity Investments2
- Adobe1
- American Credit Acceptance1
Top Industries Hiring
- Technology & Software8
- Banking & Financial Services4
- Science & Research4
- Construction & Real Estate3
- Investment & Asset Management2
What Employers Look For
The qualifications that appear most often in grc analyst jobs.
- Bachelor's degree in information security, business, finance, or a related field
- Hands-on experience with frameworks such as NIST CSF, ISO 27001, SOC 2, or COBIT
- Proficiency in GRC platforms such as ServiceNow GRC, Archer, or OneTrust
- Professional certification such as CISA, CRISC, CISM, or CompTIA Security+
- Experience conducting risk assessments, control testing, and audit evidence collection
- Strong written communication skills for policy documentation and executive reporting
Tips for Your Grc Analyst Job Search
Tailor your resume to framework keywords
GRC job postings frequently filter candidates by named frameworks like NIST CSF, ISO 27001, or SOC 2. Pull the exact framework acronyms from each posting and mirror them in your resume's skills and experience sections, not just a generic skills list.
Highlight your certification timing strategically
If you're pursuing CISA, CRISC, or CISSP, list it as 'in progress' with your expected exam date. Hiring managers for grc analyst roles often prefer a candidate actively testing over one with no certification path visible at all.
Apply early to roles that fit
Migrate Mate lists grc analyst openings from across the United States in one place, so you can find roles that match and apply directly to each listing.
Filter openings by regulated industry first
A grc analyst role in healthcare operates under HIPAA and HITRUST, while one in financial services centers on SOX and PCI DSS. Targeting industries where you already know the regulatory environment makes your application far more competitive than applying broadly.
Prepare a controls-testing scenario for interviews
Most grc analyst interviews include a scenario question about a failed control or an audit finding. Walk through how you'd scope the issue, assign risk ownership, and document remediation. Practicing one or two realistic walkthroughs before the interview is more useful than rehearsing definitions.
Negotiate using scope, not just title
When negotiating a grc analyst offer, ask about the number of business units in scope, whether the role owns policy writing or only monitors, and who the function reports to. These scope details affect workload and career trajectory as much as the base offer does.
Grc Analyst Jobs: Frequently Asked Questions
Which companies are hiring the most grc analysts?
The companies hiring the most grc analysts right now include Anthropic, Clayco, and Fidelity Investments, with the largest share of openings in California, Texas, and New York, based on current listings on Migrate Mate as of June 2026. Demand is concentrated in financial services, defense contracting, and large healthcare systems that operate under multiple regulatory frameworks simultaneously.
How many grc analyst jobs are remote?
About 25% of grc analyst openings are fully remote or hybrid as of June 2026, reflecting the desk-based and documentation-heavy nature of the role. Sub-specializations focused on policy management, vendor risk assessment, and compliance monitoring tend to offer the highest share of remote arrangements, while roles requiring hands-on audit walkthroughs or on-site system access are more likely to require in-person presence.
How do you become a grc analyst?
Start by building foundational knowledge in information security and regulatory compliance through a relevant degree or self-study using O*NET occupation guidance for the role's core competencies. Earn an entry-level certification such as CompTIA Security+ or the Certified in Risk and Information Systems Control credential. Then pursue roles with direct exposure to control testing, policy documentation, or internal audit work to build the hands-on experience most employers require before hiring into a dedicated grc analyst position.
Can you get a grc analyst job with little or no experience?
Yes, entry-level grc analyst roles exist, and employers often hire candidates who can demonstrate regulatory awareness even without formal job titles. Internships in internal audit, IT compliance, or information security operations are the most direct path in. Passing the CompTIA Security+ or completing a GRC platform certification on tools like ServiceNow GRC can offset limited experience. Roles at smaller companies or in compliance-adjacent positions such as risk analyst or audit associate are also practical entry points.
What does the grc analyst interview process look like?
Most grc analyst interview processes include an initial recruiter screen focused on regulatory background and tool familiarity, followed by a hiring manager interview that covers framework knowledge and past audit or risk assessment work. A technical or scenario-based round is common, where candidates walk through how they would handle a control failure, gap assessment, or policy exception. Final-stage interviews often involve the compliance, legal, or IT security leadership team depending on the organization's reporting structure.
Where can I find and apply to grc analyst jobs?
You can find and apply to grc analyst jobs on Migrate Mate, which lists current openings from across the United States in one place. Find roles that match your experience level, industry focus, and framework background, then apply directly to each listing without being redirected away from your search.
See All Grc Analyst Jobs
Jump back to the full list of openings and apply to any grc analyst role that fits.
Find Grc Analyst Jobs