As part of the OCIO, the IT Governance, Risk, and Compliance (GRC) team's mission is to drive IT risk management and compliance strategy, capabilities, and deliverables across the organization. Our ...
As part of the OCIO, the IT Governance, Risk, and Compliance (GRC) team's mission is to drive IT risk management and compliance strategy, capabilities, and deliverables across the organization. Our ...
VP Governance Risk & Compliance
$113K - $152K/yr
This role leads a team of professionals accountable for multiple functions associated with governance, risk, and compliance for the payment processing product and services that SWIVEL offers. The ...
New
VP Governance Risk & Compliance
$113K - $152K/yr
This role leads a team of professionals accountable for multiple functions associated with governance, risk, and compliance for the payment processing product and services that SWIVEL offers. The ...
New
Junior Governance, Risk & Compliance Analyst
Davenport, IA · On-site
$20/hr
Lee Enterprises is seeking a motivated Junior GRC Analyst to join our growing Governance, Risk & Compliance (GRC) team. This part-time, developmental position offers an opportunity to gain direct ...
Junior Governance, Risk & Compliance Analyst
Davenport, IA · On-site
$20/hr
Lee Enterprises is seeking a motivated Junior GRC Analyst to join our growing Governance, Risk & Compliance (GRC) team. This part-time, developmental position offers an opportunity to gain direct ...
The Senior Cyber Governance, Risk & Compliance Analyst is a senior level security professional whose primary responsibility is to design, operate, and continuously mature the organization's Third ...
The Senior Cyber Governance, Risk & Compliance Analyst is a senior level security professional whose primary responsibility is to design, operate, and continuously mature the organization's Third ...
We are seeking an experienced and strategic Governance, Risk, and Compliance (GRC) team member as we expand into government and public sector applications of AI. This critical role will ensure that ...
We are seeking an experienced and strategic Governance, Risk, and Compliance (GRC) team member as we expand into government and public sector applications of AI. This critical role will ensure that ...
The Senior Cyber Governance, Risk & Compliance Analyst is a senior level security professional whose primary responsibility is to design, operate, and continuously mature the organization ...
Quick apply
The Senior Cyber Governance, Risk & Compliance Analyst is a senior level security professional whose primary responsibility is to design, operate, and continuously mature the organization ...
Requirement/Must Have: * 4+ years working in governance, risk and compliance and/or information security and risk management. * Functional knowledge of some CISSP security domains and information ...
Quick apply
Requirement/Must Have: * 4+ years working in governance, risk and compliance and/or information security and risk management. * Functional knowledge of some CISSP security domains and information ...
The Security Engineer will focus on governance, risk, and compliance to ensure the organization operates within necessary regulatory and ethical boundaries while collaborating with cross-functional ...
The Security Engineer will focus on governance, risk, and compliance to ensure the organization operates within necessary regulatory and ethical boundaries while collaborating with cross-functional ...
Security Engineer - Governance Risk Compliance
$100K - $258K/yr
We are seeking an experienced and strategic Governance, Risk, and Compliance (GRC) team member as we expand into government and public sector applications of AI. This critical role will ensure that ...
Security Engineer - Governance Risk Compliance
$100K - $258K/yr
We are seeking an experienced and strategic Governance, Risk, and Compliance (GRC) team member as we expand into government and public sector applications of AI. This critical role will ensure that ...
We are seeking an experienced and strategic Governance, Risk, and Compliance (GRC) team member as we expand into government and public sector applications of AI. This critical role will ensure that ...
Quick apply
We are seeking an experienced and strategic Governance, Risk, and Compliance (GRC) team member as we expand into government and public sector applications of AI. This critical role will ensure that ...
Governance, Risk & Compliance (GRC) Analyst
San Francisco, CA · On-site
$135K - $165K/yr
Support AI governance and responsible AI compliance initiatives. Required Qualifications: * 3-5 years of experience in Governance, Risk & Compliance (GRC), Information Security, IT Audit, or related ...
Governance, Risk & Compliance (GRC) Analyst
San Francisco, CA · On-site
$135K - $165K/yr
Support AI governance and responsible AI compliance initiatives. Required Qualifications: * 3-5 years of experience in Governance, Risk & Compliance (GRC), Information Security, IT Audit, or related ...
Artificial Intelligence (AI) Governance * Partner with enterprise stakeholders to incorporate AI-related cybersecurity, privacy, legal, compliance, and operational risk considerations into third ...
Artificial Intelligence (AI) Governance * Partner with enterprise stakeholders to incorporate AI-related cybersecurity, privacy, legal, compliance, and operational risk considerations into third ...
Reporting to the VP Procurement, Corporate Functions, the Senior Director, Procurement Governance, Risk & Compliance leads the enterprise procurement governance and third-party risk capabilities that ...
Reporting to the VP Procurement, Corporate Functions, the Senior Director, Procurement Governance, Risk & Compliance leads the enterprise procurement governance and third-party risk capabilities that ...
Sr. Director, Governance, Risk & Compliance
Cambridge, MA · On-site
$229K - $310K/yr
Our Cybersecurity organization is evolving to match that ambition, and we are seeking a Senior Director of Governance, Risk & Compliance (GRC) to define, lead, and mature the governance, risk ...
Sr. Director, Governance, Risk & Compliance
Cambridge, MA · On-site
$229K - $310K/yr
Our Cybersecurity organization is evolving to match that ambition, and we are seeking a Senior Director of Governance, Risk & Compliance (GRC) to define, lead, and mature the governance, risk ...
Role Description As a Senior Governance & Risk Compliance Program Manager on the Governance, Risk, & Compliance team, you will play a crucial role in building Compliance across our product set.
Role Description As a Senior Governance & Risk Compliance Program Manager on the Governance, Risk, & Compliance team, you will play a crucial role in building Compliance across our product set.
Position Summary We are seeking an experienced Senior Manager, Cybersecurity & Governance, Risk & Compliance (GRC) to lead and mature our enterprise cybersecurity governance, risk management ...
Position Summary We are seeking an experienced Senior Manager, Cybersecurity & Governance, Risk & Compliance (GRC) to lead and mature our enterprise cybersecurity governance, risk management ...
Reporting to the VP Procurement, Corporate Functions, the Senior Director, Procurement Governance, Risk & Compliance leads the enterprise procurement governance and third-party risk capabilities that ...
Reporting to the VP Procurement, Corporate Functions, the Senior Director, Procurement Governance, Risk & Compliance leads the enterprise procurement governance and third-party risk capabilities that ...
Vice President, Cyber Governance, Risk & Compliance
Austin, TX · On-site
$240K - $260K/yr
We are seeking a seasoned Vice President of Cyber Governance, Risk & Compliance to lead the strategy, execution, and continuous maturation of our cybersecurity governance, risk, and compliance ...
Vice President, Cyber Governance, Risk & Compliance
Austin, TX · On-site
$240K - $260K/yr
We are seeking a seasoned Vice President of Cyber Governance, Risk & Compliance to lead the strategy, execution, and continuous maturation of our cybersecurity governance, risk, and compliance ...
Vice President, Cyber Governance, Risk & Compliance
Denver, CO · On-site
$240K - $260K/yr
We are seeking a seasoned Vice President of Cyber Governance, Risk & Compliance to lead the strategy, execution, and continuous maturation of our cybersecurity governance, risk, and compliance ...
Vice President, Cyber Governance, Risk & Compliance
Denver, CO · On-site
$240K - $260K/yr
We are seeking a seasoned Vice President of Cyber Governance, Risk & Compliance to lead the strategy, execution, and continuous maturation of our cybersecurity governance, risk, and compliance ...
The Director, Global Cybersecurity Governance, Risk, Compliance & Identity is accountable for defining and executing Donaldson's enterprise cybersecurity governance and risk management strategy ...
The Director, Global Cybersecurity Governance, Risk, Compliance & Identity is accountable for defining and executing Donaldson's enterprise cybersecurity governance and risk management strategy ...
Governance Risk Compliance information
See salary details
$31.5K - $38.8K
12% of jobs
$38.8K - $46.1K
7% of jobs
$48.7K is the 25th percentile. Wages below this are outliers.
$46.1K - $53.5K
17% of jobs
$53.5K - $60.8K
10% of jobs
The median wage is $62.7K / yr.
$60.8K - $68.1K
16% of jobs
$68.1K - $75.4K
9% of jobs
$80.1K is the 75th percentile. Wages above this are outliers.
$75.4K - $82.7K
7% of jobs
$82.7K - $90K
5% of jobs
$90K - $97.4K
7% of jobs
$97.4K - $104.7K
5% of jobs
$104.7K - $112K
4% of jobs
$31.5K
$68.7K
$112K
How much do governance risk compliance jobs pay per year?
Is GRC an entry level job?
Is governance risk and compliance a good career?
What is the work of governance risk and compliance?
What Are Jobs in Governance, Risk and Compliance?
Governance risk compliance (GRC) is a method for managing and strategizing an organization's regulations regarding governance, financial or physical risk, and regulatory compliance. It aligns the IT aspects with business objectives and works to improve the efficiency of a company. There are GRC consultants and GRC analysts who provide an assessment of a business’s GRC, identify risks, analyze the data, develop policies to benefit the workplace, and consult on the best choice of action. Your duties may involve optimizing GRC systems, implementing tactics to lower risk, providing internal audits, assisting with cybersecurity, creating routine reports, and ensuring regulatory compliance.
What is the salary of governance risk compliance?
What is Governance, Risk, and Compliance (GRC)?
How does a Governance, Risk, and Compliance (GRC) professional typically collaborate with other departments within an organization?
What is the difference between Governance Risk Compliance vs Risk Analyst?
| Aspect | Governance Risk Compliance | Risk Analyst |
|---|---|---|
| Certifications | CRISC, CISA, CISSP | CFA, FRM, CRISC |
| Work Environment | Corporate, regulated industries | Financial, consulting firms |
| Employer & Industry Usage | Financial institutions, healthcare, government | Banking, investment firms, insurance |
Governance Risk Compliance focuses on establishing policies, ensuring regulatory adherence, and managing enterprise-wide risks. Risk Analysts primarily assess specific financial or operational risks through data analysis. While both roles involve risk management, Governance Risk Compliance has a broader scope related to organizational compliance and governance frameworks, whereas Risk Analysts concentrate on analyzing and quantifying particular risks.
What are the key skills and qualifications needed to thrive as a Governance Risk Compliance (GRC) professional, and why are they important?
- What steps are key to getting into the field of Governance Risk Compliance?
- Is a Governanc Risk Compliance a good career?
- How Can I Get a Job in Governance, Risk and Compliance?
- What is the salary for a Governance Risk Compliance job?
- The 8 Best Types of Governance Risk Compliance in 2026
- The 10 Top Types Of Governance Risk Compliance Jobs
- Governance Risk Compliance Jobs - What Are They and How to Get One
- Governance Risk Compliance Job Description Sample Template

Qualcomm rating
9.6
Based on 5 frontline employees who took The Breakroom Quiz
5th of 209 rated software companies
Job description
Qualcomm Incorporated
Job Area:
Information Technology Group, Information Technology Group > IT Project Management
General Summary:
This is an exciting opportunity to join the Offices of the CIO (OCIO) at Qualcomm. As part of the OCIO, the IT Governance, Risk, and Compliance (GRC) team's mission is to drive IT risk management and compliance strategy, capabilities, and deliverables across the organization.
Our team is seeking a seasoned IT Governance, Risk, & Compliance Manager for our San Diego, CA office. The ideal candidate will have 5-7 years of experience in IT governance, risk management, and compliance or IT audit roles. This role is critical in ensuring our IT operations identify and treat risks, meet all regulatory requirements, and comply with internal policies. The IT GRC Manager will serve as a trusted advisor to the IT leadership team, establishing a culture of strong governance, risk awareness, operational resilience, and compliance organization wide.
* This position is not eligible for Qualcomm immigration sponsorship. *
** Position requires to be onsite in San Diego, 5 days a week. **
Minimum Qualifications:
• 4+ years of Project Management-relevant work experience with a Bachelor's degree.
OR
6+ years of Project Management-relevant work experience without a Bachelor's degree.
Key Responsibilities
- Audit Liaison & Management: Facilitate internal and external IT audits by working closely with auditors. Support alignment on audit scope, ensure auditors receive necessary documentation, and track audit status from initiation to completion. Manage post-audit activities, including addressing findings and implementing corrective action plans to remediate control deficiencies in a timely manner.
- Compliance & Risk Oversight: Oversee and drive compliance with relevant laws, regulations, and industry standards. Maintain up-to-date knowledge of regulations and standards such as SOX and ISO 27001, ensuring that IT policies and controls meet those requirements. Conduct regular IT risk assessments and maintain a risk register, developing mitigation strategies for identified risks, and monitoring their effectiveness.
- Third-Party Risk Management: Perform and document SOC report reviews to ensure critical service providers meet the organization's operational resilience standards and regulatory compliance requirements. Address any identified risks in vendor relationships by recommending and following up on mitigation actions.
- Software Audits: Perform self-assessments to ensure timely identification and remediation of issues regarding software usage. Manage the preparation of vendor audits with internal stakeholders. Facilitate the vendor audit to ensure alignment on scope and timely support of documentation requests. Manage post-audit activities including remediation in a timely manner.
- Reporting & Communication: Prepare clear and comprehensive reports for IT leadership and relevant stakeholders on the state of IT compliance, risk levels, audit outcomes, and remediation progress. Present findings and recommendations in a concise, professional manner to support informed decision-making by senior management.
- Policy Development & Governance: Support the development of IT governance policies, standard operating procedures, and control documentation. Ensure all policies are aligned with best practices and regulatory requirements, communicated to all relevant personnel, and regularly reviewed for effectiveness. Promote a strong governance and compliance culture through training and awareness initiatives.
- GRC Tool Administration: Utilize GRC platforms such as ServiceNow IRM and AuditBoard for tracking compliance activities, managing risk assessments, documenting controls, and monitoring the status of audits and remediation efforts. Leverage these tools to streamline workflows and improve visibility into the organization's risk and compliance posture.
- Cross-Functional Collaboration: Work closely with cross-functional teams-including IT Operations, Information Security, Internal Audit, Finance, and Legal-to ensure a holistic approach to governance, risk, and compliance. Serve as a central point of contact for GRC matters, facilitating collaboration and consensus among stakeholders and ensuring that compliance and risk management objectives are integrated into business processes.
Preferred Qualifications & Skills
- Experience: 5-7 years of hands-on experience in IT governance, risk management, and compliance or IT audit roles. This experience should include managing audit processes and implementing IT control frameworks.
- Regulatory & Technical Acumen: Strong understanding of IT general controls, risk assessment methodologies, and regulatory compliance best practices. Capable of staying current with changes in relevant laws and regulations.
- Third-Party Risk Assessments: Ability to evaluate and manage risks associated with external service providers to ensure their preparedness aligns with organizational resilience and statutory requirements.
- GRC Tools Proficiency: Proficiency in using GRC and audit management tools.
- Advanced Education: A Master's degree in Information Security, Information Systems, Business Administration, or a related field is a plus.
- Certification: Possession of at least one relevant information security or audit certification, such as CISA, CISM, or CISSP (required).
- Additional Frameworks: Familiarity with other governance, risk, and security frameworks or regulations (e.g., NIST CSF, COBIT, GDPR) is beneficial.
- Program Leadership: Experience in developing or maturing GRC or IT Resilience programs, as well as prior experience leading or mentoring a team in risk management or compliance initiatives.
- Strategic Mindset: Strong business acumen, with the ability to align GRC efforts to support organizational goals and improve operational resilience. Experience in driving process improvements and adapting GRC strategies in response to emerging risks or changes in the business environment.
Key Qualifications & Skills - At a Glance
- Experience: 5-7 years of hands-on experience in IT governance, risk management, and compliance or IT audit roles.
- Compliance Frameworks: Strong knowledge of SOX; familiarity with ISO/IEC 27001.
- GRC Tools & Platforms: Proficient in using ServiceNow IRM and AuditBoard
- Soft Skills: Excellent communication, collaboration, attention to detail, problem-solving, adaptability, leadership, integrity.
Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries).
To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Qualcomm. Staffing and recruiting agencies and individuals being represented by an agency are not authorized to use this site or to submit profiles, applications or resumes, and any such submissions will be considered unsolicited. Qualcomm does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications.
EEO Employer: Qualcomm is an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or any other protected classification.
Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law.
Pay range and Other Compensation & Benefits:
$123,200.00 - $184,800.00
The above pay scale reflects the broad, minimum to maximum, pay scale for this job code for the location for which it has been posted. Even more importantly, please note that salary is only one component of total compensation at Qualcomm. We also offer a competitive annual discretionary bonus program and opportunity for annual RSU grants (employees on sales-incentive plans are not eligible for our annual bonus). In addition, our highly competitive benefits package is designed to support your success at work, at home, and at play. Your recruiter will be happy to discuss all that Qualcomm has to offer - and you can review more details about our US benefits at this link.
If you would like more information about this role, please contact Qualcomm Careers.
About Qualcomm
Sourced by ZipRecruiter
Qualcomm is enabling a world where everyone and everything can be intelligently connected. You interact with products and technologies made possible by Qualcomm every day, including 5G-enabled smartphones that double as pro-level cameras and gaming devices, smarter vehicles and cities, and the technology behind the smart, connected factories that manufactured your latest purchase. Our powerful connectivity solutions keep you connected—even in remote areas. Qualcomm 5G and AI innovations are the power behind the connected intelligent edge. You’ll find our technologies behind and inside the innovations that deliver significant value across multiple industries and to billions of people every day.
Industry
Technology, communication and media
Company size
10,000+ Employees
Headquarters location
San Diego, CA, US
Year founded
1985