3

Full Time Remote Grc Analyst Jobs (NOW HIRING)

Due to an increase in fraudulent candidates, remote candidates will be considered on a case-by-case ... Strong documentation, analytical, and organizational skills, with attention to detail * Ability to ...

This role is primarily remote, with occasional travel required for projects, collaboration, and ... Proven ability to analyze vendor security documentation (SOC 2 Type II, SIG questionnaires ...

Risk Analyst / Risk Manager Position Type: Full-Time, Remote Working Hours: U.S. client business ... as Archer GRC, ServiceNow, LogicManager, or equivalent • Familiarity with enterprise risk ...

next page

Showing results 1-20

Full Time Remote Grc Analyst information

See salary details

$36.5K

$97.7K

$228.5K

How much do full time remote grc analyst jobs pay per year?

As of Jul 6, 2026, the average yearly pay for full time remote grc analyst in the United States is $97,659.00, according to ZipRecruiter salary data. Most workers in this role earn between $55,000.00 and $111,000.00 per year, depending on experience, location, and employer.

What are some common challenges a Full Time Remote GRC Analyst might face, and how can they overcome them?

A Full Time Remote GRC (Governance, Risk, and Compliance) Analyst often faces challenges such as maintaining effective communication with cross-functional teams, staying updated on regulatory changes, and managing multiple projects concurrently. To overcome these, it's important to leverage collaboration tools, schedule regular check-ins with stakeholders, and use project management software to track deadlines and deliverables. Additionally, participating in online industry forums and ongoing professional development can help you stay current with best practices and regulatory updates.

What are the key skills and qualifications needed to thrive as a Full Time Remote GRC Analyst, and why are they important?

To excel as a Full Time Remote GRC Analyst, you need a solid understanding of governance, risk management, compliance frameworks (like ISO 27001 or NIST), and typically a bachelor’s degree in information security or a related field. Familiarity with GRC platforms (such as RSA Archer or ServiceNow GRC), risk assessment tools, and relevant certifications (like CISA, CRISC, or CISSP) is highly valued. Excellent analytical thinking, attention to detail, self-motivation, and strong communication skills are crucial for remote collaboration and effective reporting. These skills ensure that organizations identify, assess, and mitigate risks effectively while maintaining regulatory compliance in a distributed work environment.

What does a Full Time Remote GRC Analyst do?

A Full Time Remote GRC (Governance, Risk, and Compliance) Analyst is responsible for helping organizations identify, assess, and manage risks related to information security, compliance, and governance. They develop and implement policies, monitor regulatory requirements, and ensure that the company adheres to industry standards. Working remotely, they use digital tools to assess risks, conduct audits, and collaborate with teams to improve security and compliance posture. Their work is crucial in protecting sensitive information and ensuring the organization meets legal and regulatory obligations.
More about Full Time Remote Grc Analyst jobs
What cities are hiring for Full Time Remote Grc Analyst jobs? Cities with the most Full Time Remote Grc Analyst job openings:
What are the most commonly searched types of Remote Grc Analyst jobs? The most popular types of Remote Grc Analyst jobs are:
What states have the most Full Time Remote Grc Analyst jobs? States with the most job openings for Full Time Remote Grc Analyst jobs include:

Information Security Analyst (GRC)

Boston Childrens Health Physicians LLP

Valhalla, NY • Remote

$100K - $140K/yr

Full-time

Posted 6 days ago


Job description

Information Security Analyst (GRC)

Boston Children's Health Physicians (BCHP) Valhalla, NY (Remote)

Position Summary:
Boston Children's Health Physicians (BCHP) is seeking an experienced IT Security Analyst – Governance, Risk & Compliance (GRC) to support and mature our enterprise information security program.
This position will play a key role in helping BCHP strengthen cybersecurity governance, manage risk, maintain regulatory compliance, oversee security assessments, support third-party risk management, and drive continuous improvement across our security program.
The ideal candidate will serve as a bridge between Information Security, Compliance, Operations, and external service providers, helping ensure BCHP maintains a strong security posture while supporting the delivery of quality patient care.
This role reports directly to the Senior Director, Information Systems & Information Security (Security Officer).

Budget for position

  • $100,000-$140,000 per year based on qualifications.

Role and Responsibilities

Governance & Compliance

  • Support the development, maintenance, and continuous improvement of BCHP's Information Security Program.
  • Assist with security policy development, review, implementation, and lifecycle management.
  • Monitor compliance with HIPAA, HITECH, NIST Cybersecurity Framework, CIS Controls, and organizational security standards.
  • Track remediation efforts resulting from audits, assessments, and risk analyses.
  • Maintain security governance documentation, evidence repositories, and compliance records.

Risk Management

  • Conduct and document security risk assessments.
  • Assist with enterprise risk identification, analysis, and mitigation planning.
  • Maintain risk registers and remediation tracking activities.
  • Participate in annual Security Risk Assessments (SRA) and third-party assessments.

Vendor & Third-Party Risk Management

  • Perform security reviews of vendors, business associates, and service providers.
  • Review security questionnaires, SOC reports, penetration test summaries, and related documentation.
  • Track vendor remediation activities and ongoing monitoring requirements.
  • Support Business Associate Agreement (BAA) and security review processes.


Audit & Assessment Support

  • Coordinate internal and external security audits.
  • Gather evidence and documentation for regulatory, compliance, and customer audits.
  • Assist with preparation for HIPAA, cybersecurity, and third-party assessments.
  • Monitor corrective action plans through completion.
  • Security Awareness & Training
  • Support enterprise security awareness initiatives.
  • Assist with phishing simulation programs and training campaigns.
  • Track workforce training completion and reporting metrics.

Security Program Reporting

  • Develop security metrics, dashboards, and executive reports.
  • Monitor compliance with security policies and standards.
  • Provide recommendations for program improvements and risk reduction.

Requirements:

Required

  • Bachelor’s degree in information security, Cybersecurity, Information Technology, Business, or related field (or equivalent experience).
  • 3+ years of experience in Information Security, IT Audit, Risk Management, Compliance, or Governance.
  • Knowledge of:
    • HIPAA Security Rule
    • NIST Cybersecurity Framework
    • CIS Controls
    • Security Risk Assessments
    • Vendor Risk Management
    • Security Policies and Procedures
  • Strong documentation, analytical, and organizational skills.
  • Excellent communication and presentation abilities.

Preferred

  • Experience in healthcare, healthcare technology, or regulated environments.
  • Experience supporting security audits and regulatory assessments.
  • Familiarity with:
    • Microsoft 365 Security & Compliance
    • Microsoft Purview
    • Microsoft Defender
    • Sentinel
    • CrowdStrike
    • Proofpoint
    • ServiceNow or similar ticketing platforms

Preferred Certifications

  • Security+
  • GSEC
  • SSCP
  • CISA
  • CRISC
  • CGRC (formerly CAP)
  • CISSP (or pursuing)

Why Join BCHP?

This position offers significant visibility across the organization and the opportunity to directly influence the future direction of BCHP's security and compliance program.

Additionally

  • Competitive salary and comprehensive benefits package
  • Supportive, inclusive, and growth focused company culture
  • Access to continuous professional development
  • Flexible work environment