GRC Analyst

TL;DR

GRC Analyst: Supporting governance, risk, and compliance activities including control monitoring, risk assessments, and audit readiness with an accent on compliance frameworks like SOC 2, ISO 27001, and PCI. Focus on maintaining GRC platforms, coordinating remediation, and ensuring regulatory obligations are met in a hybrid or remote US-based environment.

Location: Hybrid schedule preferred if within commutable distance to Lehi, Utah office; remote work considered for others in the US

Salary: $83,000 - $91,500 per year

Company

hirify.global provides a SaaS platform connecting organizations with qualified suppliers and contractors, enabling visibility and sustainable growth across supply chains.

What you will do

• Support governance, risk, and compliance programs by maintaining policies, documentation, and control mappings.
• Assist in risk assessments, remediation tracking, and maintaining the risk register.
• Collect audit evidence and conduct control testing for frameworks such as SOC 2, ISO 27001, and PCI.
• Maintain and update GRC platforms and support compliance workflows.
• Perform vendor security reviews and assist with compliance training and awareness.

Requirements

• Location: Must be based in the United States or within commutable distance to Lehi, Utah for hybrid work; remote US candidates considered
• Bachelor’s degree or equivalent experience in Information Security, Risk Management, or related field.
• 1–3+ years experience in compliance, IT audit, cybersecurity operations, or risk management.
• Familiarity with compliance frameworks such as SOC 2, ISO 27001, NIST CSF, SOX, HIPAA, or PCI.
• Basic understanding of security controls, audit principles, and cloud technologies (AWS, Azure, GCP).
• Strong communication, organizational skills, and ability to collaborate cross-functionally.

Culture & Benefits

• Comprehensive benefits including health, dental, vision insurance, 401(k), and PTO.
• Salary transparency and equitable hiring practices.
• Hybrid work schedule with remote options for eligible candidates.
• Commitment to diversity and inclusion.

Hiring process

• Submit online application by February 28, 2026.
• Evaluation includes review of experience with compliance frameworks and relevant skills.
• Interviews with cross-functional teams and potential technical assessments.