Cybersecurity GRC Analyst

About The Position

Requirements

• Possesses a strong cybersecurity mindset with fluency in governance, compliance, and risk management principles.
• Demonstrates the ability to prepare clear, accurate, and well‑documented information for security analyses.
• Maintains flexibility and focus while working independently and managing time to meet commitments.
• Adapts to unforeseen events, emerging information, and rapidly changing circumstances with sound judgment.
• Builds and sustains collaborative relationships across diverse stakeholders and cross‑functional teams.
• Holds three to five years of experience in the cybersecurity field.
• Brings education or training in data governance, regulatory compliance, and risk management with a proven ability to design and implement frameworks that safeguard data integrity, ensure compliance, and mitigate risks.

Nice To Haves

• Demonstrates experience setting up security frameworks and developing information security policies.
• Shows familiarity with global regulatory standards such as General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), and International Organization for Standardization (ISO) 27001.
• Applies knowledge of the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
• Holds certifications in information security or risk management such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC).
• Uses alternate phrasing including IT compliance analyst, GRC specialist, and information security analyst to increase discoverability.

Responsibilities

• Align IT policy with business objectives by collaborating with cross‑functional stakeholders and communicating security requirements clearly.
• Monitor global governance changes and proactively adapt strategies to maintain compliance across all regions and countries.
• Ensure global compliance readiness by tracking, updating, and documenting regulatory requirements and control obligations.
• Co‑develop information security policies and procedures with business leaders to support operational needs and regulatory landscapes.
• Promote security awareness by driving policy adoption and enabling secure practices across Applied Medical offices.
• Assess and remediate business risks by evaluating governance, risk, and compliance gaps and implementing mitigation plans.
• Lead risk‑based projects and initiatives that reduce identified risks and align outcomes with organizational priorities.
• Serve as a trusted advisor on governance, risk, and compliance topics to build stakeholder credibility and decision support.

Benefits

• Competitive compensation range: $80000 - $120000 / year (California).
• Comprehensive benefits package.
• Training and mentorship opportunities.
• On-campus wellness activities.
• Education reimbursement program.
• 401(k) program with discretionary employer match.
• Generous vacation accrual and paid holiday schedule.