CrawlJobs Logo

Security GRC Analyst

United States; Canada; LATAM 130000.00 - 180000.00 USD / Year · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

Monarch is seeking a Security GRC Analyst to join our Security team during a period of growth. Reporting directly to the Head of Software Infrastructure, you will take point on scaling our compliance program and customer security assurance function; enabling the company to respond to increasing inbound partnership opportunities, onboard vendors safely, and maintain compliance without consuming engineering time. We have a solid foundation (SOC2 Type 2 certified), but no dedicated owner within the team. You'll own the day-to-day while building the tooling and workflows to handle increasing volume as we grow.

Job Responsibility

  • Scale, automate, and optimize existing GRC, compliance, and customer assurance programs, including security questionnaires, evidence requests, trust center content, and knowledge base
  • Optimize and automate an existing third-party risk program by improving risk signal quality, automating evidence collection, and reducing assessment cycle time
  • Evaluate, implement and maintain GRC tooling (Vanta, Drata, SafeBase, etc.) with a focus on AI-powered automation to minimize operational overhead
  • Mature existing SOC 2 program by strengthening continuous controls monitoring, reducing audit prep effort, and increasing confidence in automated evidence completeness
  • Research, recommend and implement additional frameworks and attestations (ISO 27001, CSA STAR, etc.) to position Monarch as a security leader in personal finance

Requirements

  • 3-5 years operating and scaling mature GRC, compliance, or customer assurance programs in high-growth environments
  • Hands-on experience with customer assurance (security questionnaires, evidence requests, RFPs)
  • Hands-on experience with SOC2, CCPA/GDPR compliance and understanding of other frameworks (e.g. ISO 27001)
  • Hands-on experience with Continuous Controls Monitoring and compliance automation tools (Vanta, Drata, Oneleet, SafeBase, or similar)
  • Strong written communication skills to support internal and external engagements such as customer-facing responses
  • Comfort with ambiguity and building process from scratch
  • Ability to identify process anti-patterns (manual evidence requests, one-off questionnaires, duplicate controls) and replace them with durable, automated solutions

Nice to have

  • Fintech or financial services background
  • Familiarity with cloud infrastructure (AWS) and modern SaaS stack
  • Experience in a high-growth startup environment within B2B SaaS
  • Experience leveraging AI tools (Claude, ChatGPT) for GRC workflows
  • Relevant certifications (CISA, CRISC, Security+)
  • Experience partnering with IT to implement Corporate Security controls over SaaS, identity and access management (IAM), and endpoint security

What we offer

  • Work wherever you want! As a fully remote company with no central office
  • Competitive cash and equity compensation in a hyper growth, early stage company
  • Stipend to set-up your ideal working environment
  • Competitive Benefit Plans for employees based on your location (e.g. in the US we offer: Medical, dental and vision benefits and the ability to contribute to a 401k plan)
  • Unlimited PTO
  • 3 day weekend every month! We take off the “First Friday” every month to focus on rest, recuperation, or just having fun!

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Security GRC Analyst

8 matching positions

SAP Application Analyst (Security & GRC)

We are seeking an SAP Application Analyst to support system security, access man...
Location
Location
United States , Madison
Salary
Salary:
Not provided
bhsg.com Logo
Beacon Hill
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of experience in SAP application support, security, or GRC
  • Experience with SAP GRC (Access Control, Risk Analysis, Emergency Access)
  • Understanding of SAP S/4 and general business processes
  • Strong communication skills and ability to work with non-technical stakeholders
  • Bachelor's degree or equivalent experience
Job Responsibility
Job Responsibility
  • Manage and maintain SAP user access and security roles
  • Monitor and resolve segregation of duties (SoD) risks
  • Partner with audit and compliance teams to meet regulatory requirements
  • Support SAP GRC processes, including access controls and risk analysis
  • Maintain security policies, procedures, and documentation
  • Assist with system testing and validation of security controls
  • Support ongoing system enhancements and projects
  • Fulltime
Read More
Arrow Right

Senior Cyber Security GRC Analyst

We are currently seeking a Senior Cyber Security GRC Analyst to join FinXL and t...
Location
Location
Australia , North Sydney
Salary
Salary:
Not provided
finxl.com.au Logo
FinXL
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience as a Senior Cyber Security GRC Analyst
  • Strong experience in Cyber Security GRC, Risk, or Compliance roles
  • Experience working with control frameworks such as NIST SP 800-53
  • Experience writing policies, standards, and control documentation from scratch
  • Experience conducting control assurance, testing or audit support activities
  • Experience in stakeholder engagement, running workshops & influencing outcomes
  • Experience implementing security controls
  • Experience in control uplift or transformation programs
  • Experience translating NIST security controls into clear, business-friendly requirements
  • Experience defining control objectives, parameters & implementation guidance aligned to organisational context
Job Responsibility
Job Responsibility
  • Support the definition, documentation & assurance of security controls aligned to NIST SP 800-53
Read More
Arrow Right

Information Security GRC Analyst

Our Financial Services client has an exciting vacancy within their Information S...
Location
Location
United Kingdom , Liverpool
Salary
Salary:
40000.00 - 50000.00 GBP / Year
brosterbuchanan.com Logo
Broster Buchanan
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2 – 3 years’ experience in information security roles
  • Experience with risk assessment methodologies
  • Excellent analytical and problem-solving skills with attention to detail
  • Strong communication skills with the ability to explain complex security concepts to non – technical stakeholders
  • Knowledge of information security frameworks such as ISO 27001 or NIST
  • Eligibility to work in the UK
Job Responsibility
Job Responsibility
  • Work with all parties across the business to identify and assess risk and ensure mitigations are tracked to completion
  • Support the development and maintenance of information security policies, standards and procedures in line with regulatory frameworks and industry standards
  • Support third party risk management processes
  • Work with Security Operations and IT teams to provide oversight of vulnerability assessments and remediation activities
  • Manage security architecture reviews for new systems and services
  • Evaluate security controls and recommending improvements
  • Support the implementation of security tools and technologies
  • Provide oversight of the security incident management process
  • Provide security metrics for interested parties at all levels
  • Support the security awareness programme to promote a culture of security within all levels of the Group
  • Fulltime
Read More
Arrow Right

Senior Security GRC Analyst

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serv...
Location
Location
United States , San Francisco; San Jose
Salary
Salary:
154000.00 - 200000.00 USD / Year
lambda.ai Logo
Lambda
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 8 years of experience supporting cybersecurity risk or controls management programs
  • In-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements
  • Experience managing and running audits, certification programs and control assessments
  • Experience collaborating closely with engineers, business teams, and security partners
  • Strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives
Job Responsibility
Job Responsibility
  • Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives
  • Manage IT Risk Register including risk identification, tracking, and prioritization
  • Assist with and drive remediation of control deficiencies and gaps
  • Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.)
  • Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting
  • Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires
  • Assist control owners with root cause analysis and track risk management action plan progress
  • Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings
  • Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements
What we offer
What we offer
  • Generous cash & equity compensation
  • Health, dental, and vision coverage for you and your dependents
  • Wellness and commuter stipends for select roles
  • 401k Plan with 2% company match (USA employees)
  • Flexible paid time off plan
  • Fulltime
Read More
Arrow Right

GRC Security Analyst

Perdue is seeking a motivated cybersecurity professional to support and enhance ...
Location
Location
United States , Salisbury
Salary
Salary:
73000.00 - 109000.00 USD / Year
perduefarms.com Logo
Perdue Farms
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree from an accredited four-year college or university
  • 2-5 years of professional experience in cybersecurity, risk management, security advisory, or GRC operations
  • Practical understanding of vulnerability management processes, including remediation planning and prioritization
  • Experience operating or contributing to enterprise risk registers and risk review procedures
  • Familiarity with GRC or Vulnerability Management platforms
  • Exposure to policy development, compliance initiatives, and regulatory frameworks such as NIST or CIS controls
  • Ability to support cross-functional teams and communicate effectively with technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Define and maintain vulnerability management process and procedure
  • Align identified vulnerabilities with enterprise risk management practices
  • Contextualize vulnerabilities based on environmental and business impact
  • Support remediation planning and prioritization efforts
  • Define Risk Management operational processes to support risk review and maintain the enterprise risk register
  • Assist in building and optimizing GRC workflows and compliance automation
  • Support the definition of risk-related metrics including the development of executive dashboards to visualize risk posture and compliance status
  • Author, update, and maintain cybersecurity policies and standards
  • Ensure alignment with regulatory requirements and industry best practices
  • Support efforts related to cybersecurity regulatory compliance and audit readiness
What we offer
What we offer
  • medical/Rx
  • 401(k) with employer match after 1-year
  • critical illness insurance
  • accident insurance
  • dental insurance
  • vision insurance
  • life insurance
  • optional group life insurance
  • short-term and long-term disability protection
  • flexible spending accounts
  • Fulltime
Read More
Arrow Right

Information Security Analyst, GRC

We are seeking an Information Security GRC Analyst - a disciplined professional ...
Location
Location
United States
Salary
Salary:
Not provided
paytient.com Logo
Paytient
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Verifiable experience leading or playing a high-level role in a successful Information Security GRC program that encompasses vendor lifecycle management, alignment with compliance frameworks, and risk management
  • 2+ years in Information Security, IT Audit, or a Security GRC role
  • A strong understanding of networking, operating systems, cloud security, and encryption
  • An in-depth knowledge of HITRUST CSF and SOC2 and a working knowledge of NIST and ISO 27001
  • Exceptional written communication skills with the ability to create clear, accurate documentation that stands up to auditor scrutiny
  • Experience with Jira, Google Workspace, and GRC platforms such as Vanta, Drata, or similar products
Job Responsibility
Job Responsibility
  • Manage the alignment of internal policies, procedures, and controls with the HITRUST CSF and SOC2
  • Contribute to the design and implementation of robust security controls across the organization
  • Collaborate with stakeholders to draft and update information security policies and standards
  • Act as a primary participant in SOC2 and HITRUST assessments and audits, managing evidence gathering, documentation, and technical interaction with external auditors
  • Work closely with IT and Security teams to verify that controls are designed correctly and operating effectively
  • Assist in identifying vulnerabilities and participate in risk assessments for proposed business changes
  • Facilitate the Vendor Management Program by performing third party risk reviews for a broad range of technology vendors and reporting risk findings to technology stakeholders
What we offer
What we offer
  • Medical, dental and vision insurance
  • $4,400 annual HSA contribution
  • Paytient Health Payment Account (HPA)
  • Monthly lifestyle spending stipend
  • Five weeks of annual PTO
  • Week-long fully paid 'summer break' for all employees
  • Ten weeks of bonding leave for new parents
  • Two weeks of caregiver leave
  • Employer paid short-term and long-term disability
  • 401k plan access with a 4% employer match
  • Fulltime
Read More
Arrow Right

Compliance And Security Analyst

Robert Half is actively partnering with an Austin-based client to identify a Com...
Location
Location
United States , Austin
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in compliance, security, or audit-related roles
  • Hands-on experience supporting SOC 2 (or similar) audits, including evidence collection
  • Experience with compliance automation or GRC tools (e.g., Drata or similar platforms)
  • Familiarity with vulnerability management and/or application security processes (e.g., penetration testing)
  • Experience working cross-functionally with technical teams such as Engineering, IT, or Security
  • Extensive organizational skills with high attention to detail
  • Ability to manage multiple priorities in a fast-paced environment
Job Responsibility
Job Responsibility
  • Collect, organize, and maintain documentation required for SOC 2 and similar compliance audits
  • Partner with Engineering, IT, Security, and other internal teams to gather required artifacts and documentation
  • Utilize compliance management platforms to track controls, monitor progress, and ensure timely completion of tasks
  • Assist in audit preparation by ensuring all materials are accurate, complete, and audit-ready
  • Collaborate with third-party auditors to fulfill requests and provide supporting documentation
  • Identify gaps or inconsistencies in compliance documentation and drive resolution with stakeholders
  • Support ongoing compliance initiatives and continuous process improvements
  • Track and assist in remediation of vulnerabilities identified through scans and penetration testing
  • Coordinate logistics for periodic security assessments, including scoping, scheduling, and documentation
  • Support documentation and validation of secure development practices and security controls
What we offer
What we offer
  • Healthcare (medical, dental, and vision plans)
  • 401(k) and retirement plans
  • Commuter benefits
  • Employee and vendor discounts
  • Employee Assistance Program (EAP)
Read More
Arrow Right

Network Security Analyst RSA Archer Specialist

We are seeking an experienced RSA Archer Specialist / Network Security Analyst I...
Location
Location
United States , Austin
Salary
Salary:
87.00 USD / Hour
mmcgrp.com Logo
MMC Group LP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must possess one of the following certifications: Archer Certified Professional (ACP) Level 3 Archer Certified Administrator - Expert Certification
  • Strong hands-on RSA Archer administration and configuration experience
  • Experience with: Archer architecture, Workflow design, Data models, Access controls, Application configuration
  • Experience integrating enterprise systems using: REST APIs, Web services
  • Proficiency with: JavaScript, jQuery
  • Strong understanding of: Governance, Risk, and Compliance (GRC), Security controls, Risk management frameworks, Compliance programs
  • Ability to work independently on complex technical initiatives
  • Strong written and verbal communication skills
Job Responsibility
Job Responsibility
  • Design, configure, implement, and maintain RSA Archer solutions
  • Support: Assessment & Authorization (A&A), Controls Assurance, Issues Management, Custom Archer applications, Enterprise integrations
  • Gather and analyze business and technical requirements
  • Translate requirements into: Solution designs, User stories, Configuration specifications, Implementation plans
  • Configure Archer workflows, forms, questionnaires, approvals, calculations, and permissions
  • Develop and support REST API and web service integrations
  • Implement JavaScript and jQuery customizations within Archer applications
  • Support integrations with platforms such as: ServiceNow, ITSM systems, CMDB platforms, Risk management tools
  • Troubleshoot application issues and optimize performance
  • Maintain technical documentation and deployment records
What we offer
What we offer
  • Medical, dental, and vision coverage
  • Life and disability insurance
  • Additional voluntary benefits
  • Fulltime
Read More
Arrow Right