1

Grc Risk Analyst Jobs in Seattle, WA (NOW HIRING)

Senior GRC Analyst

Seattle, WA ยท Hybrid

$140K - $165K/yr

As a Senior GRC Analyst at DigitalOcean, you will lead the strategic maturation of DigitalOcean ... Risk Governance: Lead both annual and ad-hoc risk assessments; maintain a dynamic risk register and ...

Senior GRC Analyst

Seattle, WA ยท On-site

$140K - $165K/yr

As a Senior GRC Analyst at DigitalOcean, you will lead the strategic maturation of DigitalOcean ... Risk Governance: Lead both annual and ad-hoc risk assessments; maintain a dynamic risk register and ...

We are hiring a GRC Engineer to help modernize how Governance, Risk, and Compliance (GRC) operates ... Experience working in multiple security domains with a focus on risk-based analysis of anomalies ...

We are hiring a GRC Engineer to help modernize how Governance, Risk, and Compliance (GRC) operates ... Experience working in multiple security domains with a focus on risk-based analysis of anomalies ...

We are hiring a GRC Engineer to help modernize how Governance, Risk, and Compliance (GRC) operates ... Experience working in multiple security domains with a focus on risk-based analysis of anomalies ...

We are hiring a GRC Engineer to help modernize how Governance, Risk, and Compliance (GRC) operates ... Experience working in multiple security domains with a focus on risk-based analysis of anomalies ...

next page

Showing results 1-20

Grc Risk Analyst information

See Seattle, WA salary details

$17

$46

$74

How much do grc risk analyst jobs pay per hour?

As of Jul 15, 2026, the average hourly pay for grc risk analyst in Seattle, WA is $46.07, according to ZipRecruiter salary data. Most workers in this role earn between $33.94 and $56.06 per hour, depending on experience, location, and employer.

What is the difference between Grc Risk Analyst vs Compliance Analyst?

AspectGrc Risk AnalystCompliance Analyst
CertificationsISO 31000, FRM, CRISCISO 19600, CCEP, CISA
Work EnvironmentRisk management teams, corporate officesRegulatory departments, corporate offices
Industry UsageFinance, banking, insurance, corporate riskFinancial services, healthcare, manufacturing
Job FocusIdentifying, assessing, and mitigating risks across enterpriseEnsuring compliance with laws and regulations

While both roles involve regulatory and risk considerations, a Grc Risk Analyst focuses on enterprise-wide risk management strategies, whereas a Compliance Analyst concentrates on adherence to specific laws and regulations. Both roles require similar certifications and often work in overlapping industries, but their core responsibilities differ in scope and focus.

What are GRC Risk Analysts?

GRC Risk Analysts are professionals who specialize in Governance, Risk, and Compliance (GRC) within an organization. They assess and manage risks related to business operations, ensure compliance with relevant laws and regulations, and help implement policies and controls to mitigate potential threats. These analysts work closely with management to identify vulnerabilities, develop risk management strategies, and monitor the effectiveness of compliance programs. Their goal is to protect the organization from financial, legal, and reputational harm while supporting business objectives.

What are the key skills and qualifications needed to thrive as a GRC Risk Analyst, and why are they important?

To thrive as a GRC (Governance, Risk, and Compliance) Risk Analyst, you need a solid understanding of risk management principles, regulatory requirements, and compliance frameworks, often supported by a degree in information security, business, or a related field. Familiarity with GRC platforms (such as RSA Archer or MetricStream), risk assessment methodologies, and certifications like CRISC or CISA is highly valuable. Strong analytical thinking, attention to detail, and effective communication skills help you identify risks and convey findings to stakeholders. These skills are critical for ensuring organizational compliance, minimizing risk exposure, and supporting informed decision-making.

What are some common challenges a GRC Risk Analyst might face when implementing new risk management frameworks within an organization?

A GRC Risk Analyst often encounters challenges such as resistance to change from stakeholders, integrating new frameworks with existing processes, and ensuring consistent understanding across departments. Aligning risk management practices with organizational goals while adhering to regulatory requirements can also be complex. Success in this role requires strong communication skills, adaptability, and the ability to educate and collaborate with team members from diverse backgrounds.
What job categories do people searching Grc Risk Analyst jobs in Seattle, WA look for? The top searched job categories for Grc Risk Analyst jobs in Seattle, WA are:
Senior GRC Analyst

Senior GRC Analyst

DigitalOcean

Seattle, WA โ€ข Hybrid

$140K - $165K/yr

Other

Posted 2 days ago


Job description

We're looking for a Senior GRC Analyst to serve as the primary architect for our expanding ISO ecosystem.

As a Senior GRC Analyst at DigitalOcean, you will lead the strategic maturation of DigitalOcean's compliance framework to include multiple ISO standards, such as ISO 27001, ISO 27017, and ISO 22301. You will also lead maturation efforts concerning the existing compliance program, which includes; but, is not limited to, SOC 2 and HIPAA. You will be a builder who understands the importance of balancing compliance with engineering velocity, collaborating directly with engineering and product teams to integrate compliance into existing workflows. You will partner with teams throughout the organization to weave applicable controls into the fabric of our operations, ensuring DigitalOcean remains a trusted platform for our customers. This role reports to the Manager of GRC within the Security organization.

What You'll Do:
  • Multi-Standard Strategy: Architect and lead the implementation of an Integrated Management System (IMS) that harmonizes requirements across multiple ISO standards.
  • Compliance Scope Expansion: Manage cross-functional projects required to achieve and maintain product-level compliance certifications and/or eligibility for DigitalOcean's core and emerging cloud services.
  • Risk Governance: Lead both annual and ad-hoc risk assessments; maintain a dynamic risk register and drive cross-functional remediation for identified gaps.
  • Control Innovation: Design and implement controls which meet rigorous standards without sacrificing velocity.
  • Policy: Author and maintain enterprise-level security policies, standards, and procedures that reflect current regulatory landscapes, internal risk appetite, and operational engineering realities.
  • Operational Responsiveness & Customer Trust: Act as a subject matter expert in GRC on-call rotations, directly address complex customer inquiries, and support incident response activities to ensure compliance obligations are met under pressure.
What You'll Add to DigitalOcean:
  • Expertise: You have 5+ years of experience in GRC, with a proven track record of leading multi-certification and multi-standard compliance programs, preferably at a technology company, where you directly partnered with engineering or infrastructure teams.
  • Program Maturity: You have experience building, maturing, and expanding the influence of an ISO program.
  • Risk Lifecycle Management: You have experience in risk identification, various risk assessment methodologies, discerning between appropriate risk responses, and monitoring risk treatment plans.
  • Navigating Ambiguity: You are comfortable working cross-functionally to interpret ambiguity within new standards (e.g., ISO 42001), regulations, and legislation.
  • Influence: You have the ability to translate complex legal and regulatory requirements into actionable, testable controls , for engineering, product, and IT teams.
  • Project Management: You have strong project management skills and the ability to manage complex, multi-quarter roadmaps involving dozens of stakeholders
Nice to Have:
  • Certifications: Relevant industry certifications such as a CRISC or ISO 27001 Lead Implementer
  • Privacy Knowledge: Familiarity with prominent privacy legislation (e.g., GDPR/CCPA) as it relates to ISO 27701
Compensation Range:ย 
  • $140,000-$165,000

*This is a hybrid role

JR: 2026-8012

#LI-Hybrid