GRC Analyst Jobs in Riverside, CA (NOW HIRING)

Ease is hiring a GRC Analyst to support our governance, risk, and compliance program as we mature our security posture and expand into new compliance frameworks. This is a hands-on role at the ...

GRC Analyst

Irvine, CA · On-site

$110K - $135K/yr

Title: Oracle Cloud GRC Lead Location: Remote (Irvine, CA - Willing to travel for workshops ... Deep expertise in SoD design and conflict analysis, Risk & control frameworks. (SOX compliance)

The role provides advanced analytical support and executes monitoring activities to identify ... GRC) Platforms, Healthcare Industry, Health Care Regulation, Internal Auditing, Legal Services ...

SQL DBA

Orange, CA · On-site

$53.50 - $66.75/hr

... BI, GRC Controls, GRC Manager, OBIEE. The reason for the need is due to the overflow of work ... Resolve complex problems, perform trend analysis and create tools to prevent problems related to ...

GRC Analyst information

Riverside, CA salary chart: $38.1K, $101.9K, $238.4K

How much do GRC analyst jobs pay per year?

As of Jul 3, 2026, the average yearly pay for a GRC analyst in Riverside, CA is $101,885.00, according to ZipRecruiter salary data. Most workers in this role earn between $57,400.00 and $115,800.00 per year, depending on experience, location, and employer.

Is GRC a good career?

A GRC (Governance, Risk, and Compliance) analyst plays a key role in managing an organization’s security policies, risk assessments, and regulatory compliance. It is a growing field with demand for professionals skilled in frameworks like ISO, NIST, and tools such as audit management software. The role often requires certifications like CISA or CISSP and offers opportunities for career advancement in cybersecurity and risk management.

Is GRC an entry level job?

GRC Analyst roles can be entry-level or require some experience, depending on the organization. Entry-level positions typically focus on basic compliance, risk management, and security controls, often requiring foundational knowledge of cybersecurity or IT. More advanced roles may demand certifications like CISSP or CISA and prior experience in security or audit functions.

What are the key skills and qualifications needed to thrive in the GRC Analyst position, and why are they important?

To thrive as a GRC Analyst, you need a solid understanding of governance, risk management, and compliance frameworks, often complemented by a degree in information security, business, or a related field. Experience with GRC platforms (like RSA Archer, ServiceNow, or LogicManager), and certifications such as CISA, CRISC, or CISSP are highly valued. Strong analytical thinking, attention to detail, effective communication, and collaboration skills set outstanding GRC Analysts apart. These capabilities are vital for ensuring organizations meet regulatory requirements, identify and mitigate risks, and foster a culture of compliance.

What does a GRC analyst do?

A GRC analyst (Governance, Risk, and Compliance analyst) is responsible for managing an organization’s compliance with regulations, assessing and mitigating risks, and developing governance frameworks. They often use tools like risk management software and require knowledge of industry standards such as ISO or NIST. The role involves analyzing policies, conducting audits, and ensuring security controls are effective.

Do GRC analysts work from home?

GRC analysts can often work remotely, especially if their employer supports telecommuting and the role involves tasks like risk assessment, policy development, and compliance monitoring that can be performed online. However, some positions may require on-site presence for meetings, audits, or access to secure systems.

What are the typical daily responsibilities of a GRC Analyst?

GRC Analysts are responsible for monitoring and assessing organizational policies, procedures, and controls to ensure compliance with internal and external regulations. Their daily tasks often include performing risk assessments, maintaining documentation, supporting audits, analyzing data for potential security gaps, and preparing reports for management. They regularly collaborate with IT, legal, and business teams to remediate vulnerabilities and strengthen compliance programs. This dynamic role requires both independent research and cross-departmental communication to help organizations proactively manage risk and regulatory obligations.

What is a GRC Analyst job?

A GRC (Governance, Risk, and Compliance) Analyst is responsible for ensuring that an organization adheres to regulatory requirements, industry standards, and internal policies. They assess risks, implement compliance programs, and monitor security controls to protect data and systems. Their role often involves working with various departments to identify vulnerabilities, develop risk mitigation strategies, and prepare reports for audits. GRC Analysts play a key role in maintaining regulatory compliance and enhancing an organization's overall security posture.

Infographic showing various GRC Analyst job openings in Riverside, CA as of June 2026, with employment types broken down into 82% Full Time and 18% Contract. Highlights a 100% In-person job distribution, with an average salary of $101,885 per year, or $49 per hour.

GRC Analyst

Ease Inc

Irvine, CA • On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 14 days ago


Job description

Ease is hiring a GRC Analyst to support our governance, risk, and compliance program as we mature our security posture and expand into new compliance frameworks. This is a hands-on role at the intersection of security, engineering, and the business — you'll be the operational engine behind how Ease maintains its compliance commitments and earns customer trust.

You'll work closely with our security engineers and an external CMMC consultant to keep our SOC 2 program healthy, advance our CMMC Level 2 readiness, and bring rigor to how we assess applications, AI tools, and vendors before they enter the environment.

Position Summary

You will be the day-to-day driver of compliance work at Ease. You'll support our SOC 2 Type II cycle, conduct security and privacy reviews of new applications and AI tools, run our vendor risk intake, and partner with our CMMC consultant on Level 2 implementation tasks. As we adopt a GRC platform, you'll help drive the rollout and become its primary administrator.

You are organized, methodical, and a strong written communicator. You can pick up technical concepts quickly, work alongside security engineers without getting lost in the details, and turn the messy reality of compliance work into clean process and clear evidence. You enjoy the mix of audit work, project management, and stakeholder communication that comes with GRC.

Position Location: Hybrid – 3 days in Irvine office
Annual Salary Range: $110,000 - $135,000

What You'll Do
  • Support the SOC 2 program. Drive day-to-day execution of the annual Type II cycle, including evidence collection, control walkthroughs, gap remediation tracking, and auditor support.
  • Partner on CMMC Level 2 implementation. Work alongside our external CMMC consultant and security engineers on System Security Plan (SSP) development, CUI scoping, evidence collection, and C3PAO assessment readiness.
  • Assess applications and AI tools. Conduct security and privacy reviews on new applications, AI/ML services, and other tools before they enter the environment. Maintain an inventory of AI tools and contribute to our AI governance work.
  • Run vendor and third-party risk intake. Own the vendor security review process, complete questionnaires, and maintain the vendor risk register.
  • Maintain policy and procedure. Help author and maintain our security policy library so it stays aligned with SOC 2, CMMC, and how we actually operate.
  • Support the risk register. Contribute to formal risk assessments and keep the enterprise risk register current.
  • Coordinate audit and assessment logistics. Manage evidence requests during audits, schedule walkthroughs, run quarterly access reviews, and track remediation items through closure.
  • Administer our GRC platform. Help select and roll out our GRC platform, then own day-to-day administration, including integrations, control mapping, and evidence automation.
  • Drive compliance through Jira. Create, route, and monitor security and compliance tickets and partner with engineering on remediation timelines.
  • Audit change management hygiene. Monitor engineering Jira queues to ensure tickets meet our compliance formatting and content standards, verify that pull requests are properly linked to Jira tickets, and confirm required notes and documentation are captured for each change.
  • Support customer trust. Respond to customer security questionnaires and help maintain our trust center content.
  • Run security awareness. Manage the employee security awareness program, including training assignments, phishing simulations, and completion tracking.

Required Qualifications & Skills
  • 3+ years of experience in a GRC, security compliance, IT audit, or closely related role.
  • Hands-on experience contributing to SOC 2, ISO 27001, HIPAA, or similar compliance program work.
  • Working knowledge of cloud and SaaS security concepts (AWS, Azure, or GCP, plus the common SaaS stack).
  • Experience completing vendor security assessments and customer security questionnaires.
  • Comfortable working in Jira and other engineering tooling.
  • Strong written communication, with the ability to write clearly for both engineering and non-technical audiences.
  • Strong attention to detail and a methodical approach to evidence, documentation, and follow-through.
  • Must be authorized to access Controlled Unclassified Information (CUI), which generally requires U.S. citizenship or permanent residency.

Preferred Qualifications
  • Exposure to NIST 800-171, DFARS 252.204-7012, CMMC, FedRAMP, or similar federal compliance work.
  • Hands-on experience with a GRC platform such as Drata, Vanta, Hyperproof, or Secureframe.
  • Familiarity with AI/ML security and governance concepts, including NIST AI RMF.
  • Familiarity with California privacy law (CCPA/CPRA).
  • Industry certifications such as CompTIA Security+, CySA+, CISA (or in pursuit), ISO 27001 Foundation, or similar.

About Ease

Ease.io digitally transforms plant floor audits around the world with EASE, our enterprise-grade mobile platform for quality, safety, and operational audits. The platform combines simplicity and efficiency with powerful performance insights, helping drive quality and safety on the plant floor.

Industry leaders including Aston Martin, Dana, 3M, Tenneco, and Samsung trust EASE to facilitate and analyze millions of plant floor audits every year. With deployments in more than 40 countries and support for more than 25 languages, EASE has established itself as a category leader in quality management.

Headquartered in Irvine, California, Ease.io is a dynamic company that continues to grow as it expands its product offerings and market presence.

What We Offer

At Ease, we foster a culture built on respect, humility, and collaboration. We value work-life balance as a core principle, helping ensure you can thrive both professionally and personally. And yes—we believe work should be fun, too.
Growth and development are part of our DNA. We are committed to investing in your career through ongoing training, mentorship, and a clearly defined path forward. Whether you are sharpening existing skills or exploring new ones, you will have opportunities to learn and advance.
We prioritize the well-being and happiness of our team. In addition to a competitive compensation package, we offer a generous and comprehensive suite of benefits designed to support your health and peace of mind.
Here’s a look at what you can expect:
  • Health Coverage: Comprehensive medical, dental, and vision plans
  • Life & AD&D Insurance: Financial protection for you and your loved ones
  • Unlimited Paid Time Off: Time to recharge and rest when you need it
  • 401(k) with Employer Match: Plan for your future with confidence through our matched retirement savings program

At Ease, we believe that when our employees are supported, inspired, and empowered, everyone wins.