1

Grc Analyst Jobs in Riverside, CA (NOW HIRING)

Monitor and analyze SAP security logs and reports to detect and respond to security incidents ... Hands-on experience with SAP security tools and technologies, such as SAP GRC (Governance, Risk ...

Hands-on experience with SAP security tools and technologies, such as SAP GRC (Governance, Risk ... Excellent analytical, problem-solving, and communication skills, with the ability to collaborate ...

Leader, Internal Audit

Irvine, CA · On-site

$84K - $148K/yr

Leverages data analytics, dashboards, and audit tools (e.g., Workiva, GRC platforms, and etc.) to enhance audit efficiency and consistency. * Perform other duties and special projects assigned.

Leader, Internal Audit

Irvine, CA · On-site

$84K - $148K/yr

Leverages data analytics, dashboards, and audit tools (e.g., Workiva, GRC platforms, and etc.) to enhance audit efficiency and consistency. * Perform other duties and special projects assigned.

Hire, develop, and manage two Governance Analysts; set performance expectations, provide coaching ... Hands-on familiarity with AI governance tooling, GRC platforms, and TPRM workflows. * Familiarity ...

next page

Showing results 1-20

Grc Analyst information

See Riverside, CA salary details

$38.1K

$101.9K

$238.4K

How much do grc analyst jobs pay per year?

As of Jul 3, 2026, the average yearly pay for grc analyst in Riverside, CA is $101,885.00, according to ZipRecruiter salary data. Most workers in this role earn between $57,400.00 and $115,800.00 per year, depending on experience, location, and employer.

Is GRC a good career?

A GRC (Governance, Risk, and Compliance) analyst plays a key role in managing an organization’s security policies, risk assessments, and regulatory compliance. It is a growing field with demand for professionals skilled in frameworks like ISO, NIST, and tools such as audit management software. The role often requires certifications like CISA or CISSP and offers opportunities for career advancement in cybersecurity and risk management.

Is GRC an entry level job?

GRC Analyst roles can be entry-level or require some experience, depending on the organization. Entry-level positions typically focus on basic compliance, risk management, and security controls, often requiring foundational knowledge of cybersecurity or IT. More advanced roles may demand certifications like CISSP or CISA and prior experience in security or audit functions.

What are the key skills and qualifications needed to thrive in the Grc Analyst position, and why are they important?

To thrive as a GRC Analyst, you need a solid understanding of governance, risk management, and compliance frameworks, often complemented by a degree in information security, business, or a related field. Experience with GRC platforms (like RSA Archer, ServiceNow, or LogicManager), and certifications such as CISA, CRISC, or CISSP are highly valued. Strong analytical thinking, attention to detail, effective communication, and collaboration skills set outstanding GRC Analysts apart. These capabilities are vital for ensuring organizations meet regulatory requirements, identify and mitigate risks, and foster a culture of compliance.

What does a GRC analyst do?

A GRC analyst (Governance, Risk, and Compliance analyst) is responsible for managing an organization’s compliance with regulations, assessing and mitigating risks, and developing governance frameworks. They often use tools like risk management software and require knowledge of industry standards such as ISO or NIST. The role involves analyzing policies, conducting audits, and ensuring security controls are effective.

Do GRC analysts work from home?

GRC analysts can often work remotely, especially if their employer supports telecommuting and the role involves tasks like risk assessment, policy development, and compliance monitoring that can be performed online. However, some positions may require on-site presence for meetings, audits, or access to secure systems.

What are the typical daily responsibilities of a GRC Analyst?

GRC Analysts are responsible for monitoring and assessing organizational policies, procedures, and controls to ensure compliance with internal and external regulations. Their daily tasks often include performing risk assessments, maintaining documentation, supporting audits, analyzing data for potential security gaps, and preparing reports for management. They regularly collaborate with IT, legal, and business teams to remediate vulnerabilities and strengthen compliance programs. This dynamic role requires both independent research and cross-departmental communication to help organizations proactively manage risk and regulatory obligations.

What is a GRC Analyst job?

A GRC (Governance, Risk, and Compliance) Analyst is responsible for ensuring that an organization adheres to regulatory requirements, industry standards, and internal policies. They assess risks, implement compliance programs, and monitor security controls to protect data and systems. Their role often involves working with various departments to identify vulnerabilities, develop risk mitigation strategies, and prepare reports for audits. GRC Analysts play a key role in maintaining regulatory compliance and enhancing an organization's overall security posture.

What are popular job titles related to Grc Analyst jobs in Riverside, CA? For Grc Analyst jobs in Riverside, CA, the most frequently searched job titles are:
What job categories do people searching Grc Analyst jobs in Riverside, CA look for? The top searched job categories for Grc Analyst jobs in Riverside, CA are:
What cities near Riverside, CA are hiring for Grc Analyst jobs? Cities near Riverside, CA with the most Grc Analyst job openings:
Infographic showing various Grc Analyst job openings in Riverside, CA as of June 2026, with employment types broken down into 82% Full Time, and 18% Contract. Highlights an 100% In-person job distribution, with an average salary of $101,885 per year, or $49 per hour.
Medical Device Cybersecurity Risk Specialist

Medical Device Cybersecurity Risk Specialist

Tata Consultancy Services

Irvine, CA • On-site

Other

Posted 9 days ago


Tata Consultancy Services rating

6.5

Company rating: 6.5 out of 10

Based on 21 frontline employees who took The Breakroom Quiz

157th of 207 rated it services


Job description


Job Title: Medical Device Cybersecurity Risk Specialist

Work Location: Irvine, California, United States



Must Have Technical/Functional Skills:

• Strong understanding of information security risk management frameworks such as NIST CSF, ISO 27001 / 27005, FAIR, and COSO.

• Hands-on experience in conducting cybersecurity risk assessments, threat modeling, and evaluating risks across systems, vendors, projects, and business processes.

• Solid knowledge of medical device cybersecurity, including vulnerability analysis, security risk mitigation, and patient safety considerations.

• Familiarity with medical device integration, healthcare application ecosystems, and interactions with EHR systems and third-party healthcare vendor applications.

• Understanding of common cybersecurity controls including network security, endpoint protection, identity and access management, encryption, logging/monitoring, and secure system configuration.

• Experience reviewing penetration testing findings, identifying practical mitigation options, and validating remediation approaches in partnership with vendors or technical teams.

• Ability to maintain and manage risk registers, risk treatment plans, dashboards, and remediation tracking mechanisms using GRC platforms or structured spreadsheet-based tools.

• Working knowledge of cloud security, security operations, and cybersecurity input into SDLC, infrastructure changes, and new service introductions.

• Familiarity with regulatory and compliance expectations relevant to healthcare and medical devices, including cybersecurity documentation and risk-based decision-making.

• Exposure to Agile / Scrum methodologies and cross-functional project execution is highly desirable.

• Ability to research emerging threats, assess business relevance, and proactively recommend risk reduction actions.


Roles & Responsibilities:

• Develop, maintain, and continuously improve the organization’s cybersecurity risk management program, with emphasis on practical and sustainable risk reduction.

• Perform qualitative and quantitative risk assessments for systems, projects, vendors, healthcare technologies, and business processes.

• Analyze medical device cybersecurity vulnerabilities, penetration testing findings, and technical risks to determine impact, likelihood, and patient/business impact.

• Partner with internal teams, vendors, and business owners to identify, validate, and track approved mitigation strategies and alternative risk treatment options where needed.

• Maintain accurate and up-to-date risk registers, risk treatment plans, issue logs, and risk dashboards.

• Support the selection, implementation, and validation of technical, administrative, and procedural security controls.

• Provide cybersecurity and risk management input into projects, cloud initiatives, system integrations, device onboarding, and service changes.

• Coordinate and support t hird-party/vendor risk assessments, follow-up actions, and remediation closure tracking.

• Translate technical cybersecurity issues into clear business impact statements and communicate them effectively to leadership and non-technical stakeholders.

• Produce recurring risk posture reports, trends, metrics, and remediation summaries for management and governance forums.

• Support incident response activities and perform post-incident risk analysis to identify lessons learned and strengthen controls.

• Promote a strong security and risk-aware culture by engaging with stakeholders, educating teams, and encouraging proactive risk identification.

• Collaborate effectively across cybersecurity, engineering, quality, clinical/biomedical, IT, and vendor teams to ensure balanced decision-making that protects both operations and patient safety.

• Stay current on evolving cybersecurity threats, healthcare technology risks, and relevant compliance expectations.



What Tata Consultancy Services employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Tata Consultancy Services logo

About Tata Consultancy Services

Sourced by ZipRecruiter

Tata Consultancy Services is an IT services, consulting and business solutions organization that delivers real results to global business, ensuring a level of certainty no other firm can match. TCS offers a consulting-led, integrated portfolio of IT, BPO, infrastructure, engineering, and assurance services. This is delivered through its unique Global Network Delivery Model™, recognized as the benchmark of excellence in software development. TCS delivers a level of certainty that no other firm can match--to our clients and to our employees. Come join us and experience certainty in your career. TCS a global Consulting and IT Services firm that is ranked in the top quartile by industry analysts. Our 2021 fiscal revenues topped $25 B and our market capitalization is over $170+B, yet we have a deep and large history of philanthropy and corporate social responsibility. Now approaching 600K of the best IT professionals and consultants, we are a trusted advisor, guiding our clients' enterprises through growth and transformation journeys - helping them to become agile, intelligent, automated and on the cloud. We are devoted to DEI and are recognized as a top employer and place to work.

Industry

It services

Company size

10,000+ Employees

Headquarters location

Edison, NJ, US