1

Governance Risk Compliance Manager Jobs in Renton, WA

Do you have an understanding of sanctions regulations and experience identifying company-wide risk ... Amazon is seeking an experienced Compliance Program Manager with a proven track record of ...

You apply deep expertise across governance, risk management, compliance, threat intelligence, and operational security to analyze sophisticated risks, anticipate emerging threats, and design ...

Do you have an understanding of sanctions regulations and experience identifying company-wide risk ... Amazon is seeking an experienced Compliance Program Manager with a proven track record of ...

You apply deep expertise across governance, risk management, compliance, threat intelligence, and operational security to analyze sophisticated risks, anticipate emerging threats, and design ...

Do you have an understanding of sanctions regulations and experience identifying company-wide risk ... Amazon is seeking an experienced Compliance Program Manager with a proven track record of ...

Do you have an understanding of sanctions regulations and experience identifying company-wide risk ... Amazon is seeking an experienced Compliance Program Manager with a proven track record of ...

Do you have an understanding of sanctions regulations and experience identifying company-wide risk ... Amazon is seeking an experienced Compliance Program Manager with a proven track record of ...

Through these efforts, the manager strengthens financial governance while equipping campus ... Advance UCO's deficitmonitoringprogram, implementing enhanced review protocols and risk indicators ...

Do you have an understanding of sanctions regulations and experience identifying company-wide risk ... Amazon is seeking an experienced Compliance Program Manager with a proven track record of ...

Staff Cybersecurity Analyst

Seattle, WA · On-site

$70K - $93K/yr

Responsibilities : • Define, refine, and operationalize organization-wide security frameworks, standards, and methodologies across governance, risk assessment, compliance, and incident management ...

next page

Showing results 1-20

Governance Risk Compliance Manager information

See Renton, WA salary details

$43.3K

$107K

$176.6K

How much do governance risk compliance manager jobs pay per year?

As of Jul 14, 2026, the average yearly pay for governance risk compliance manager in Renton, WA is $106,974.00, according to ZipRecruiter salary data. Most workers in this role earn between $78,700.00 and $131,000.00 per year, depending on experience, location, and employer.

How does a Governance Risk Compliance (GRC) Manager typically collaborate with other departments to ensure effective risk management?

A GRC Manager works closely with various departments such as IT, legal, finance, and operations to identify, assess, and mitigate risks across the organization. This often involves facilitating cross-departmental meetings, guiding teams through compliance requirements, and ensuring that controls are implemented effectively. Strong communication and project management skills are essential, as GRC Managers must translate complex regulatory requirements into actionable steps for different teams. This collaborative approach helps ensure that risk management strategies are integrated into daily business processes and that compliance goals are met organization-wide.

What is the salary of governance risk compliance?

The salary for a Governance, Risk, and Compliance (GRC) Manager typically ranges from $80,000 to $150,000 annually, depending on experience, location, and industry. Professionals with certifications like CRISC or CISA and strong knowledge of regulatory frameworks may earn higher salaries.

Is governance risk and compliance a good career?

Governance, Risk, and Compliance (GRC) management is a growing field that involves developing policies, managing regulatory requirements, and ensuring organizational integrity. It often requires certifications like CISA or CRISC and skills in risk assessment, policy development, and compliance frameworks. The role offers stability and opportunities across various industries, making it a viable career choice for those interested in organizational governance and risk management.

What does a governance and risk manager do?

A governance and risk manager oversees an organization’s compliance with laws, regulations, and internal policies, identifying and mitigating potential risks. They develop frameworks, conduct audits, and implement controls to ensure operational integrity and reduce vulnerabilities, often using tools like risk assessment software and requiring certifications such as CRISC or ISO standards.

What is the difference between Governance Risk Compliance Manager vs Compliance Analyst?

AspectGovernance Risk Compliance ManagerCompliance Analyst
CertificationsISO 31000, CRISC, CISACCA, CCEP, or similar
Work EnvironmentStrategic, managerial, policy-focusedOperational, detail-oriented, audit-focused
Employer & Industry UsageFinancial, healthcare, corporate sectorsRegulatory agencies, corporations, consulting firms
Search & Comparison IntentUnderstanding managerial roles in governance and riskDetailing compliance procedures and analysis

The Governance Risk Compliance Manager oversees organizational policies, risk management strategies, and compliance frameworks at a strategic level. In contrast, the Compliance Analyst focuses on implementing and monitoring compliance procedures, conducting audits, and ensuring adherence to regulations. Both roles require relevant certifications and are vital in maintaining organizational integrity, but they differ in scope and responsibilities.

What does a Governance Risk Compliance (GRC) Manager do?

A Governance Risk Compliance (GRC) Manager is responsible for developing, implementing, and overseeing policies and procedures to ensure that an organization complies with regulatory requirements and manages risks effectively. They work closely with various departments to identify potential risks, ensure proper governance frameworks are in place, and monitor compliance with relevant laws and standards. GRC Managers play a key role in maintaining ethical practices, preventing legal issues, and helping organizations achieve their business objectives securely and efficiently.

What are the key skills and qualifications needed to thrive as a Governance Risk Compliance Manager, and why are they important?

To thrive as a Governance Risk Compliance Manager, you need expertise in risk assessment, regulatory frameworks, and compliance management, typically supported by a degree in business, law, or a related field. Familiarity with GRC platforms (like RSA Archer or MetricStream), internal audit tools, and relevant certifications such as CISA, CISM, or CRISC is common. Strong analytical thinking, attention to detail, and effective communication help manage complex regulations and drive organizational compliance culture. These skills ensure the organization can proactively identify risks, comply with legal requirements, and maintain operational integrity.

Is GRC an entry level job?

Governance, Risk, and Compliance (GRC) roles are typically not entry-level positions; they usually require several years of experience in compliance, risk management, or related fields. Entry-level roles in GRC may focus on supporting functions, while managerial positions often demand a strong understanding of regulations, policies, and relevant tools like GRC software. Certifications such as CISA or CRISC can also be beneficial for advancement.
What are popular job titles related to Governance Risk Compliance Manager jobs in Renton, WA? For Governance Risk Compliance Manager jobs in Renton, WA, the most frequently searched job titles are:
What job categories do people searching Governance Risk Compliance Manager jobs in Renton, WA look for? The top searched job categories for Governance Risk Compliance Manager jobs in Renton, WA are:
What cities near Renton, WA are hiring for Governance Risk Compliance Manager jobs? Cities near Renton, WA with the most Governance Risk Compliance Manager job openings:
Senior Compliance Analyst - Continuous Compliance Framework (Hybrid - Seattle)

Senior Compliance Analyst - Continuous Compliance Framework (Hybrid - Seattle)

Nordstrom, Inc.

Seattle, WA • On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Re-posted 13 days ago


Nordstrom rating

6.8

Company rating: 6.8 out of 10

Based on 423 frontline employees who took The Breakroom Quiz

4th of 21 rated department stores


Job description

Job Description
If you're a compliance pro who thrives on building scalable, tech-enabled frameworks and wants to be at the forefront of AI-assisted testing and automation, we want to meet you. We are evolving our compliance program to move at the speed of our business, and we need a strategic lead to take the wheel.
Forget the traditional "box-checking" mentality. This role is for a compliance professional who thrives on building scalable, tech-enabled frameworks and wants to be at the forefront of AI-assisted testing and automation. Join the Governance, Risk, and Compliance (GRC) team as a Senior Analyst on the Compliance Assessment team. In this role, you will lead the transformation and maturation of our existing Continuous Compliance Framework (CCF)-tailoring controls to our organization, acting as the functional lead for the CCF module in our GRC tool, and collaborating across the business to define the parameters that keep us secure.
A critical aspect of this role is cross-functional collaboration with the Governance and Risk teams to ensure the CCF, risk management, and governance programs are integrated and mutually reinforcing. You will also support our audits and assessments such as PCI, contributing to the team's broader compliance posture.
A Day in the Life...
Continuous Compliance Framework (CCF) Transformation
  • Lead the transformation and ongoing maturation of the CCF, including updating and tailoring controls to reflect the current organizational environment, risk profile, and regulatory landscape.
  • Configure and manage the CCF program module within Nordstrom's GRC tool, ensuring accurate representation of controls, testing schedules, evidence requirements, and ownership assignments.
  • Collaborate with stakeholders across business and technology teams to define control language, testing frequency, and implementation guidance that is practical and aligned with operational realities.
  • Document RACI models for all controls within the CCF, establishing clear ownership and accountability across teams.
  • Design and implement KPIs and KRIs for the CCF and broader compliance program, enabling data-driven reporting on compliance health and risk exposure

GRC Program Integration
  • Work closely with the Governance and Risk teams to ensure the CCF, risk management program, and governance program are integrated, with aligned control sets, shared evidence, and coordinated reporting.
  • Identify opportunities to harmonize compliance controls with risk appetite and governance structures, reducing duplication and improving program efficiency.
  • Participate in cross-GRC planning sessions to align timelines, control mappings, and stakeholder engagement strategies across all three programs.
  • Support the development and communication of a unified GRC narrative for leadership, translating program health across risk, governance, and compliance into cohesive insights.

Compliance Assessment & Methodology
  • Partner with Security Engineers to design AI-driven testing and automated evidence collection features within the GRC tool; the Senior Analyst provides functional requirements while Engineers lead technical builds.
  • Serve as a subject matter partner to the PCI program owner to ensure CCF controls satisfy PCI DSS requirements and support the annual PCI assessment process.
  • Design and implement enterprise compliance assessment methodologies that integrate multiple regulatory domains (e.g., NIST, CIS, SOX, HIPAA, CCPA).
  • Develop operational standards and quality criteria for compliance processes, ensuring consistency and effectiveness across the organization.
  • Serve as a subject matter resource for control testing approaches, evidence collection, and documentation quality

Stakeholder Engagement
  • Engage cross-functional stakeholders to gather input on control design, testing feasibility, and ownership, building lasting partnerships that embed compliance into the technology ecosystem.
  • Lead workshops and working sessions with stakeholders to define control requirements, discuss testing approaches, and align on program direction.
  • Serve as a liaison with internal and external auditors as needed, representing the organization's compliance posture and program maturity.
Strategic Alignment & Program Leadership
  • Align CCF activities with strategic business and security objectives by participating in medium-term planning (6-18 months) and ensuring compliance initiatives support organizational goals.
  • Contribute to the strategic vision and roadmap for the Compliance Assessment team, developing reusable, scalable solutions that enhance program efficiency and support organizational growth.
  • Coordinate cross-functional compliance initiatives to ensure comprehensive regulatory coverage and consistent execution.

You Own This If You Have...
Required Qualifications
Experience:
  • 4-6 years of regulatory compliance experience with demonstrated ownership of cross-functional compliance initiatives.
  • Direct experience building and managing Continuous Compliance Framework (CCF) or Common Control Framework programs.
  • Hands-on experience configuring compliance programs within GRC tools and platforms.
  • Experience working with stakeholders to define control language, RACI, and testing cadence.
  • Demonstrated experience developing KPIs and KRIs for compliance programs.
  • Familiarity with PCI DSS sufficient to support assessments and control testing activities.
  • Experience partnering with engineering or security teams to implement automated or AI-assisted control testing.
  • Proven ability to align compliance operations with strategic business objectives.

Education:
  • Bachelor's or Master's degree in Information Technology, Computer Science, Cybersecurity, or related field, or equivalent work experience.

Technical Knowledge:
  • Deep knowledge about multiple regulatory frameworks (CIS, NIST, SOX, HIPAA, CCPA, PCI DSS v4.x) and their control implications.
  • Experience testing technical controls and documenting evidence to support audits.
  • Understanding of enterprise compliance architecture and integrated control frameworks.
  • Familiarity with GRC tool configuration and workflow design.
  • Knowledge of AI/automation tools applicable to compliance testing and evidence collection.

Skills:
  • Strong control framework design and documentation capabilities.
  • Excellent stakeholder engagement and facilitation skills; able to drive consensus across technical and non-technical audiences.
  • Ability to develop and communicate KPIs/KRIs and compliance metrics to leadership.
  • Strong written and verbal communication skills, including experience presenting to senior leadership.
  • Self-directed and results-oriented; able to operate with autonomy, manage competing priorities, and drive programs to completion.
  • Collaborative mindset with the ability to work effectively across the GRC triad (risk, governance, compliance).

Preferred Qualifications
Certifications:
  • Professional certifications preferred: CISA, CRISC, CIPP, CIPM, or equivalent.
  • PCI ISA, QSA, or other PCI-related certifications a plus.

Additional Experience:
  • Experience with GRC platform implementation and administration.
  • Background in regulatory consulting or internal/external audit.
  • Experience leading enterprise-wide compliance transformation initiatives.
  • Proficiency in compliance automation, scripting, or security tooling.
  • Familiarity with AI/ML-assisted compliance or security monitoring tools.

Pay Range Details
The pay range(s) below has been provided in compliance with state specific laws. Pay ranges may be different for other locations.
Pay offers are dependent on the location, as well as job-related knowledge, skills, and experience.
$142,000.00 - $220,500.00 Annual
We've got you covered...
Our employees are our most important asset and that's reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:
  • Medical/Vision, Dental, Retirement and Paid Time Away
  • Life Insurance and Disability
  • Merchandise Discount and EAP Resources

This position may be eligible for performance-based incentives/bonuses. Benefits include 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more. Eligibility requirements may apply based on location, job level, classification, and length of employment. Learn more in the Nordstrom Benefits Overview by copying and pasting the following URL into your browser: https://careers.nordstrom.com/pdfs/Ben_Overview_17-19.pdf
A few more important points...
The job posting highlights the most critical responsibilities and requirements of the job. It's not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.
For Los Angeles or San Francisco applicants: Nordstrom is required to inform you that we conduct background checks after conditional offer and consider qualified applicants with criminal histories in a manner consistent with legal requirements per Los Angeles, Cal. Muni. Code 189.04 and the San Francisco Fair Chance Ordinance. For additional state and location specific notices, please refer to the Legal Notices document within the FAQ section of the Nordstrom Careers site.
Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com.
Please be mindful that there may be legal notices and requirements related to this job posting that are specific to your state. Review the Career Site FAQ's for relevant information and guidelines.
Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.
Nordstrom keeps job postings open for at least one day after the posting date.
© 2026 Nordstrom, Inc

What Nordstrom employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom