Security Governance Risk & Compliance (GRC) Analyst jobs in United States

Virtru · 3 months ago

Security Governance Risk & Compliance (GRC) Analyst

Virtru is a leading data protection provider committed to changing the rules for data privacy. As a Security Governance Risk & Compliance (GRC) Analyst, you will manage compliance-related inquiries and lead efforts to achieve and maintain CMMC compliance, while supporting existing FedRAMP, SOC 2, and PCI DSS compliance.

Cyber Security, Information Technology, Privacy, SaaS, Security, Software
Growth Opportunities

Responsibilities

Manage and implement complex controls frameworks for large systems, consisting of Cloud infrastructure and Software as a Service (SaaS) services (GCP, AWS, GitHub, Okta, etc.)
Design and develop automation solutions for evidence collection across Cloud infrastructure, endpoints, and SaaS services
Conduct risk assessments across business units and processes. Identify risk findings and recommend remediation and risk mitigation strategies
Assist or implement automated controls to support risk mitigation efforts across various business units with stakeholders
Incorporate CMMC certification into Virtru’s slate of compliance assessments and ongoing monitoring activities (FedRAMP, SOC 2, PCI)
Facilitate the third-party vendor on-boarding and annual review process by evaluating the security of current and prospective partners
Participate in incident response (IR) activities, providing risk analysis and remediation support as needed
Enhance the team with your individualism, spirit, and love of learning

Qualification

CMMC compliance, FedRAMP compliance, SOC 2 compliance, Cloud technologies, Risk management, GRC tools, Vulnerability scanning, Incident response, Scripting languages, GitOps

Required

Minimum of 5+ years of information security, IT audit and/or IT Risk Management, or GRC Analyst/Engineer experience
Deep understanding of at least a few of the following: CMMC, NIST 800-53 & 800-171, FedRAMP, SOC 2, PCI, and/or other global privacy compliance frameworks
Technical acumen. Strong understanding of modern cloud technologies (AWS, GCP, Azure, etc.) and familiarity with GRC tools (Hyperproof, Vanta, Drata, etc.) and SIEM tools (Datadog, Splunk)
You're a relationship builder and have worked with both business and technical risk and understand how to translate risk to various levels of the organization
Have experience training and coaching teams to become better security and privacy practitioners
Like working on an autonomous agile team. At Virtru, you will have ownership of security, but you'll collaborate with everyone to make sure we produce and implement the right solutions
Ability to resolve conflicts and drive issues to completion
Work independently with little or no supervision while maintaining a high level of efficiency
Hands-on experience deploying and managing vulnerability scanning/cloud security posture management tools (Wiz, Prisma Cloud, etc.) to meet security compliance requirements
Real-world IR experience participating on security On-Call teams
Basic knowledge of scripting languages like Bash, Python, or JavaScript to automate manual tasks
Familiarity with GitOps and Infrastructure-as-Code concepts

Preferred

Thinking outside of the box to respectfully challenge your teammates and managers in the pursuit of excellence
Strong sense of urgency with an action-oriented mindset
Able to collaborate and adapt to shifting priorities as business needs evolve
Comfortable with asynchronous communication including Slack, email, Zoom, etc.

Benefits

A Flexible PTO policy — we strongly encourage you to take time off (in addition to 14 holidays) to ensure that you are getting the proper time needed to unplug and recharge.
A $1,500 annual Learning & Development Stipend focused on providing you the resources to continually learn and professionally grow.
Frequent company-sponsored team celebrations that provide ample opportunities to connect with teammates and be social!
Access to an Employee Assistance Program
Access to Headspace, a mental health app tailored to your specific needs.
A flat 3% contribution to your retirement account
A high degree of flexibility — Have an appointment, errand, or family emergency to take care of? Hop to it! We give you the time and space to take care of you and your own first.
Competitive compensation
Generous parental, medical, and bereavement policies
401K contribution and stock options
Full medical, dental, and vision benefits
New Hire Swag and IT Welcome boxes
Structured semi-annual 360° performance reviews

Company

Virtru

Virtru provides data encryption for email and file sharing, enabling users to easily control access to their sensitive data.

Funding

Current Stage
Late Stage
Total Funding
$189.76M
Key Investors
ICONIQ Capital, ICONIQ Growth, Bessemer Venture Partners
2025-07-11: Series D · $50M
2022-01-20: Series C · $60M
2021-02-01: Series B

Leadership Team

John Ackerly
CEO & Co-Founder
Will Ackerly
Founder
Company data provided by Crunchbase