Green Card Grc Analyst Jobs
GRC Analyst roles qualify for EB-2 or EB-3 green card sponsorship through the PERM labor certification process, which requires your employer to demonstrate no qualified U.S. workers are available. Demand for professionals who manage governance, risk, and compliance frameworks has made sponsorship increasingly common across financial services, healthcare, and technology sectors.
Find Green Card Grc Analyst JobsOverview
Showing 5 of 16+ Grc Analyst jobs
See all Grc Analyst Jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Grc Analyst roles.
Get Access To All JobsCompany Overview:
MACOM designs and manufactures semiconductor products for Data Center, Telecommunication, and Industrial and Defense applications. Headquartered in Lowell, Massachusetts, MACOM has design centers and sales offices throughout North America, Europe, and Asia. MACOM is certified to the ISO9001 international quality standard and ISO14001 environmental management standard.
MACOM has more than 75 years of application expertise with multiple design centers, Si, GaAs, and InP fabrication, manufacturing, assembly and test, and operational facilities throughout North America, Europe, and Asia. In addition, MACOM offers foundry services that represents a key core competency within our business.
MACOM sells and distributes products globally via a sales channel comprised of a direct field sales force, authorized sales representatives, and leading industry distributors. Our sales team is trained across all of our products to give our customers insights into our entire portfolio.
Position Overview:
We are seeking a motivated and detail-oriented GRC Analyst to join our Information Security team. This role will support the organization’s governance, risk, and compliance initiatives, focusing on regulatory and framework alignment, third-party risk management, risk lifecycle processes, and policy governance.
The ideal candidate will have foundational knowledge of information security principles, strong analytical skills, and a willingness to learn and grow within the GRC space, especially in platforms such as ServiceNow GRC.
Key Responsibilities
Compliance & Framework Support
- Assist in the implementation, maintenance, and monitoring of compliance frameworks (e.g., NIST, ISO 27001, SOX, SOC2, CIS, etc.)
- Support internal and external audit activities, including evidence collection and control validation
- Track and report on compliance status, gaps, and remediation efforts
Third-Party Risk Management (TPRM)
- Conduct vendor risk assessments and due diligence reviews
- Analyze third-party security posture and identify potential risks
- Maintain vendor inventory and track risk treatment activities
- Collaborate with business owners to ensure appropriate risk mitigation
Risk Management
- Support the execution of the Information Security risk management lifecycle
- Assist with risk identification, assessment, documentation, and tracking
- Help maintain risk registers and ensure risks are properly escalated and monitored
- Partner with stakeholders to support risk remediation planning
Policy Governance
- Assist in drafting, reviewing, and maintaining information security policies, standards, and procedures
- Facilitate policy review cycles, approvals, and documentation updates
- Ensure alignment with regulatory requirements and industry best practices
GRC Tooling & Process Support
- Support and learn the administration and use of ServiceNow GRC
- Assist in configuring workflows, tracking activities, and improving GRC processes
- Help identify opportunities for automation and process optimization
Qualifications
Required
- Bachelor’s degree in Information Security, Cybersecurity, IT, or related field (or equivalent experience)
- 1–3 years of experience in information security, risk, compliance, or audit (internships acceptable)
- Basic understanding of security frameworks and regulatory requirements
- Strong analytical, organizational, and documentation skills
- Excellent written and verbal communication skills
Preferred
- Exposure to frameworks such as NIST, ISO 27001, SOC 2, or CIS
- Security or compliance certifications (e.g., CISM, CRISC, CISSP, CGEIT, or CISA).
- Experience with third-party risk management processes
- Familiarity with risk management concepts and methodologies
- Exposure to GRC tools (ServiceNow GRC preferred, but not required)
Key Competencies
- Detail-oriented with strong follow-through
- Ability to manage multiple priorities and deadlines
- Collaborative mindset with cross-functional teams
- Curiosity and willingness to learn new tools and frameworks
- Strong problem-solving and critical-thinking skills
Why Join Us
- Opportunity to grow within a maturing GRC program
- Exposure to a wide range of security, compliance, and risk disciplines
- Hands-on experience with industry-standard tools like ServiceNow GRC
- Collaborative and supportive team environment
EEO:
MACOM is an Equal Opportunity Employer committed to a diverse workforce. MACOM will not discriminate against any worker or job applicant on the basis of race, color, religion, sex, gender identity, sexual orientation, national origin, age, disability, genetic information, veteran status, military service, marital status, or any other category protected under applicable law.
Reasonable Accommodation:
MACOM is committed to working with and providing reasonable accommodations to qualified individuals with physical and mental disabilities. If you have a disability and are in need of a reasonable accommodation with respect to any part of the application process, please call +1-978-656-2500 or email HR_Ops@MACOM.com. Provide your name, phone number and the position title and location in which you are interested, and nature of accommodation needed, and we will get back to you. We also work with current employees who request or need reasonable accommodation in order to perform the essential functions of their jobs.
ITAR
Due to ITAR regulations, only candidates who are U.S. Persons (U.S. citizens, U.S. nationals, lawful permanent residents, or individuals granted asylum or refugee status) will be considered for this position.
RSU Eligible
This position is eligible to receive restricted stock unit (RSU) awards and cash bonuses, solely at MACOM’s discretion, subject to individual and company performance.
Salary Range
The Salary Range for this position is $78,000 – $125,000. Actual salary offered to candidate will depend on several factors, including but not limited to, work location, relevant candidates’ experience, education, and specific knowledge, skills, and abilities.
Benefits: This position offers a comprehensive benefits package including but not limited to:
- Health, dental, and vision insurance.
- Employer-sponsored 401(k) plan.
- Paid time off.
- Professional development opportunities.
Company Overview:
MACOM designs and manufactures semiconductor products for Data Center, Telecommunication, and Industrial and Defense applications. Headquartered in Lowell, Massachusetts, MACOM has design centers and sales offices throughout North America, Europe, and Asia. MACOM is certified to the ISO9001 international quality standard and ISO14001 environmental management standard.
MACOM has more than 75 years of application expertise with multiple design centers, Si, GaAs, and InP fabrication, manufacturing, assembly and test, and operational facilities throughout North America, Europe, and Asia. In addition, MACOM offers foundry services that represents a key core competency within our business.
MACOM sells and distributes products globally via a sales channel comprised of a direct field sales force, authorized sales representatives, and leading industry distributors. Our sales team is trained across all of our products to give our customers insights into our entire portfolio.
Position Overview:
We are seeking a motivated and detail-oriented GRC Analyst to join our Information Security team. This role will support the organization’s governance, risk, and compliance initiatives, focusing on regulatory and framework alignment, third-party risk management, risk lifecycle processes, and policy governance.
The ideal candidate will have foundational knowledge of information security principles, strong analytical skills, and a willingness to learn and grow within the GRC space, especially in platforms such as ServiceNow GRC.
Key Responsibilities
Compliance & Framework Support
- Assist in the implementation, maintenance, and monitoring of compliance frameworks (e.g., NIST, ISO 27001, SOX, SOC2, CIS, etc.)
- Support internal and external audit activities, including evidence collection and control validation
- Track and report on compliance status, gaps, and remediation efforts
Third-Party Risk Management (TPRM)
- Conduct vendor risk assessments and due diligence reviews
- Analyze third-party security posture and identify potential risks
- Maintain vendor inventory and track risk treatment activities
- Collaborate with business owners to ensure appropriate risk mitigation
Risk Management
- Support the execution of the Information Security risk management lifecycle
- Assist with risk identification, assessment, documentation, and tracking
- Help maintain risk registers and ensure risks are properly escalated and monitored
- Partner with stakeholders to support risk remediation planning
Policy Governance
- Assist in drafting, reviewing, and maintaining information security policies, standards, and procedures
- Facilitate policy review cycles, approvals, and documentation updates
- Ensure alignment with regulatory requirements and industry best practices
GRC Tooling & Process Support
- Support and learn the administration and use of ServiceNow GRC
- Assist in configuring workflows, tracking activities, and improving GRC processes
- Help identify opportunities for automation and process optimization
Qualifications
Required
- Bachelor’s degree in Information Security, Cybersecurity, IT, or related field (or equivalent experience)
- 1–3 years of experience in information security, risk, compliance, or audit (internships acceptable)
- Basic understanding of security frameworks and regulatory requirements
- Strong analytical, organizational, and documentation skills
- Excellent written and verbal communication skills
Preferred
- Exposure to frameworks such as NIST, ISO 27001, SOC 2, or CIS
- Security or compliance certifications (e.g., CISM, CRISC, CISSP, CGEIT, or CISA).
- Experience with third-party risk management processes
- Familiarity with risk management concepts and methodologies
- Exposure to GRC tools (ServiceNow GRC preferred, but not required)
Key Competencies
- Detail-oriented with strong follow-through
- Ability to manage multiple priorities and deadlines
- Collaborative mindset with cross-functional teams
- Curiosity and willingness to learn new tools and frameworks
- Strong problem-solving and critical-thinking skills
Why Join Us
- Opportunity to grow within a maturing GRC program
- Exposure to a wide range of security, compliance, and risk disciplines
- Hands-on experience with industry-standard tools like ServiceNow GRC
- Collaborative and supportive team environment
EEO:
MACOM is an Equal Opportunity Employer committed to a diverse workforce. MACOM will not discriminate against any worker or job applicant on the basis of race, color, religion, sex, gender identity, sexual orientation, national origin, age, disability, genetic information, veteran status, military service, marital status, or any other category protected under applicable law.
Reasonable Accommodation:
MACOM is committed to working with and providing reasonable accommodations to qualified individuals with physical and mental disabilities. If you have a disability and are in need of a reasonable accommodation with respect to any part of the application process, please call +1-978-656-2500 or email HR_Ops@MACOM.com. Provide your name, phone number and the position title and location in which you are interested, and nature of accommodation needed, and we will get back to you. We also work with current employees who request or need reasonable accommodation in order to perform the essential functions of their jobs.
ITAR
Due to ITAR regulations, only candidates who are U.S. Persons (U.S. citizens, U.S. nationals, lawful permanent residents, or individuals granted asylum or refugee status) will be considered for this position.
RSU Eligible
This position is eligible to receive restricted stock unit (RSU) awards and cash bonuses, solely at MACOM’s discretion, subject to individual and company performance.
Salary Range
The Salary Range for this position is $78,000 – $125,000. Actual salary offered to candidate will depend on several factors, including but not limited to, work location, relevant candidates’ experience, education, and specific knowledge, skills, and abilities.
Benefits: This position offers a comprehensive benefits package including but not limited to:
- Health, dental, and vision insurance.
- Employer-sponsored 401(k) plan.
- Paid time off.
- Professional development opportunities.
See all Green Card Grc Analyst Jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Green Card Grc Analyst Jobs.
Get Access To All JobsTips for Finding Green Card Sponsorship as a Grc Analyst
Document your GRC credentials before applying
Gather certifications like CISA, CRISC, or CGEIT alongside transcripts and employment letters now. PERM requires detailed evidence of your qualifications, and gaps discovered mid-filing delay labor certification by months.
Target employers in regulated industries first
Financial institutions, healthcare systems, and defense contractors face mandatory compliance obligations, which means dedicated GRC teams and recurring sponsorship demand. These employers are far more likely to have established PERM filing workflows than general tech firms.
Search for green card sponsors using Migrate Mate
Filter for GRC Analyst roles where employers have active EB-2 or EB-3 filing history. Migrate Mate surfaces that sponsorship data so you target roles with real permanent residency pathways, not just H-1B visa holders.
Confirm the job description matches PERM requirements
The PERM application locks in your job duties and minimum qualifications. Ask hiring managers to align the posted requirements with your actual credentials before an offer is signed, since mismatches can trigger DOL audits.
Understand EB-2 versus EB-3 classification for your role
If your GRC position requires a master's degree or you hold a bachelor's plus five years of progressive experience, you may qualify under EB-2, which can mean shorter wait times for some nationalities than the EB-3 skilled worker category.
Check prevailing wage before negotiating your offer
Look up your job's wage level using the OFLC Wage Search before accepting any offer. Your employer must pay at least the DOL-certified prevailing wage throughout the PERM process, and negotiating below that level creates a compliance problem later.
Green Card Grc Analyst: Frequently Asked Questions
Do GRC Analyst roles typically qualify for EB-2 or EB-3 sponsorship?
Most GRC Analyst positions qualify under EB-3 as skilled workers requiring at least a bachelor's degree in information systems, computer science, or a related field. Roles that specifically require a master's degree or equivalent, or where you can demonstrate a bachelor's plus five years of progressive GRC experience, may qualify under EB-2, which offers priority date advantages for some nationalities.
How does PERM green card sponsorship differ from H-1B sponsorship for GRC Analysts?
H-1B sponsorship is temporary and subject to annual lottery caps, while PERM-based EB-2 and EB-3 sponsorship is permanent and has no lottery. The PERM process requires your employer to complete a formal recruitment campaign proving no qualified U.S. worker is available, which takes six to twelve months before USCIS even reviews your I-140 petition. The end result is lawful permanent residency, not a renewable work visa.
Which employers sponsor green cards for GRC Analysts most consistently?
Regulated industries with ongoing compliance mandates sponsor the most consistently: large banks, insurance carriers, healthcare networks, and federal contractors all maintain GRC functions that require long-term staffing. These employers have internal immigration counsel and established PERM workflows. Use Migrate Mate to filter GRC Analyst postings by employers with documented EB-2 or EB-3 sponsorship history, so you're not discovering a company's sponsorship policies mid-interview.
Can my employer start the PERM process while I'm on an H-1B or OPT?
Yes. PERM is independent of your current status. Employers can file a labor certification while you're working on H-1B, OPT, or any other authorized status. If you're on OPT with limited time remaining, your employer should file an H-1B cap-subject petition concurrently so your work authorization doesn't lapse while the multi-year PERM and I-140 process runs.
What GRC skills should be documented to support a strong PERM petition?
DOL evaluates whether your qualifications match the minimum requirements stated in the PERM job description exactly. Document hands-on experience with risk frameworks like NIST, ISO 27001, or SOC 2, plus any audit or compliance tool proficiency your role requires. Certifications such as CRISC or CISA should appear in your employment letters and transcripts. Avoid overstating qualifications that exceed the PERM minimum, since that can complicate the DOL's substitutability analysis.