[Remote] GRC Analyst

Note: The job is a remote job and is open to candidates in USA. Point Wild is dedicated to creating comprehensive cybersecurity solutions for individuals. The GRC Analyst role focuses on supporting cybersecurity, risk management, and regulatory compliance programs to strengthen security posture and maintain continuous audit readiness.

Responsibilities

• Conduct regular security audits and risk assessments to identify vulnerabilities and areas for improvement
• Monitor and assess compliance with internal security policies and external regulatory requirements
• Recommend and track appropriate security controls and mitigation strategies
• Maintain detailed records of compliance activities, including assessments, corrective actions, and audit results
• Prepare compliance documentation and reports for internal leadership and external auditors
• Maintain and support the Simpluris cybersecurity compliance program
• Regularly update policies, procedures, standards, and documentation to align with evolving regulatory and contractual requirements
• Develop and maintain templates, tools, and resources to support compliance and audit readiness
• Utilize compliance and GRC tools (i.e., Drata, Vanta, or similar platforms) to track controls, evidence, risks, and remediation efforts
• Support third-party risk assessments, vendor questionnaires, and ongoing vendor compliance monitoring
• Serve as the primary point of contact between Corporate, Technology, and Operational teams
• Collaborate with IT, legal, and business units to address compliance challenges
• Communicate complex technical and regulatory requirements in a clear, accessible manner to diverse audiences
• Develop and deliver training and awareness sessions
• Conduct or support internal security audits and compliance reviews
• Stay current with industry standards, federal regulations, and cybersecurity best practices
• Support incident response activities, investigations, and post-incident documentation as needed
• Collect, validate, and maintain audit evidence to support regulatory and customer audits
• Assist with control testing, gap analysis, and remediation tracking

Skills

• Bachelor's degree in information technology, Cybersecurity, Computer Science, Information Security, or a related field
• 1–3 years of experience in IT security, compliance, risk management, or a related role
• Experience with compliance and GRC tools (Drata or Vanta)
• Familiarity with cybersecurity and frameworks, including: NIST 800-53 R5 (CMMC is a plus), Type 2 SOC 2, HIPAA, PCI-DSS, or GDPR
• Strong understanding of information security principles and best practices
• 5+ years of experience in security compliance, risk management, or a related field
• Experience working in legal, financial, or other highly regulated environments
• Experience conducting formal risk assessments and managing compliance programs
• Experience maintaining and developing security policies, standards, and procedures
• Professional certifications such as CISSP, CISM, CISA, CompTIA Security+, or CMMC-related certifications

Benefits

• Generous health and wellness benefits
• Retirement savings plans
• Parental leave
• Much more

Company Overview

Company H1B Sponsorship