GRC Analyst II
Location: Remote
Compensation: Salary
Reviewed: Wed, Jul 15, 2026
This job expires in: 30 days
Job Summary
Supporting senior-level initiatives across risk, audit, and compliance, the full-time remote GRC Analyst II will maintain data classification programs, manage policy lifecycles, and conduct vendor security assessments to drive compliance and risk outcomes.
Key responsibilities
- Maintain the data classification program and system classification inventory in collaboration with data owners
- Support audit coordination activities for SOC 2 and other compliance frameworks
- Manage the policy management lifecycle, including drafting, tracking reviews, and coordinating approvals
Required qualifications
- Bachelor's degree in cybersecurity, information systems, or a related field
- 2-4 years of experience in GRC or information security within a commercial SaaS or software company
- Working knowledge of information security control frameworks such as SOC 2, ISO 27001, or NIST 800-53
- Experience conducting vendor security assessments and managing third-party risk workflows
- Hands-on experience with GRC tools or platforms (e.g., Drata, ServiceNow GRC)
COMPLETE JOB DESCRIPTION
The job description is available to subscribers. Subscribe today to get the full benefits of a premium membership with Virtual Vocations. We offer the largest remote database online...