Associate GRC Security Analyst

TL;DR

Associate GRC Security Analyst (Cybersecurity): Supporting internal cybersecurity governance, compliance, and audit programs with an accent on evidence gathering, vendor risk assessments, and framework mapping. Focus on maintaining audit-ready documentation, managing GRC platform workflows, and contributing to security awareness and phishing simulation programs.

Location: Must be based in San Mateo, CA (Onsite)

Salary: $80,000–$105,000

Company

hirify.global is a leading EdTech company providing personalized learning products to millions of students and educators globally.

What you will do

• Gather and organize evidence to support internal and external audits.
• Administer the GRC platform, including workflow configuration and data integrity maintenance.
• Perform vendor risk assessments to evaluate third-party security posture.
• Conduct risk assessments and maintain the organizational risk register.
• Coordinate security awareness training and phishing simulation campaigns.
• Map and cross-reference controls across frameworks like SOC2, PCI-DSS, and NIST.

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, or related field.
• 1-3 years of experience in GRC, IT audit, or risk management.
• Familiarity with compliance frameworks such as SOC2, PCI-DSS, NIST, or ISO 27001.
• Experience supporting SOC2 Type 2 or PCI-DSS audits.
• Strong attention to detail and ability to manage documentation across multiple workstreams.
• Excellent written and verbal communication skills.

Nice to have

• Relevant certifications such as CompTIA Security+, CISA, or GRCP.
• Experience with GRC platforms like Vanta or Auditboard.
• Experience with ticketing tools such as Jira.

Culture & Benefits

• Collaborative and inclusive work environment.
• Opportunity to work on products impacting millions of learners.
• Commitment to diversity and equal opportunity employment.
• Comprehensive benefits package for full-time employees.