Avetta · 20 hours ago
GRC Analyst
Avetta is a SaaS platform that connects leading organizations with qualified suppliers, contractors, and vendors. The GRC Analyst’s primary role is to support governance, risk, and compliance activities by performing control monitoring, risk assessments, and documentation updates.
Enterprise Software, Logistics, Supply Chain Management
Responsibilities
Assist in maintaining security and compliance policies, standards, and procedures
Support updates to documentation, control mappings, and compliance workflows
Help prepare reports and dashboards for leadership or auditors
Support enterprise and departmental risk assessment activities by gathering data, performing initial risk scoring, and documenting findings
Track remediation items and follow up with stakeholders to ensure timely completion
Maintain the risk register and ensure entries remain current and accurate
Collect and organize audit evidence for SOC 2, ISO 27001, PCI, and other frameworks
Conduct control testing and gap assessments under the guidance of senior team members
Monitor control performance and document exceptions or potential issues
Maintain and update GRC platforms (e.g., Vanta, Drata, Anecdotes, OneTrust)
Help maintain the centralized control library and update mappings across multiple frameworks
Assist teams in understanding control requirements and preparing evidence
Perform security reviews and tracking of vendors, questionnaire analysis, and documentation
Assist in developing or distributing compliance training materials and reminders
Help ensure employees complete required annual training
Qualifications
Required
Bachelor's degree in Information Security, Business, Risk Management, or related field (or equivalent practical experience)
1–3 years of experience in compliance, IT audit, cybersecurity operations, risk management, or a similar field
Basic understanding of security controls, audit principles, and risk management concepts
Familiarity with cloud technologies (AWS, Azure, GCP) and SaaS environments
Ability to review evidence, evaluate control performance, and document findings clearly
Strong attention to detail and organizational skills
Good communication skills and ability to collaborate with cross-functional teams
Ability to manage multiple tasks and maintain accuracy under deadlines
Analytical mindset with a willingness to learn and improve processes
Preferred
Exposure to common compliance frameworks such as SOC 2, ISO 27001, NIST CSF, SOX, HIPAA, or PCI (hands-on experience is preferred)
Experience with GRC tools and ticketing systems is a plus
Benefits
Health, Dental, and Vision Insurance
401(k)
Paid Time Off
Company
Avetta
Avetta is a software company that offers a cloud-based platform for commercial marketplaces and supply chain risk management.
H1B Sponsorship
Avetta has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship; the highlighted segment represents job fields similar to this job]
Trends of Total Sponsorships
2025 (4)
2024 (3)
2022 (3)
2021 (4)
2020 (4)
Funding
Current Stage: Late Stage
Total Funding: $35M
Key Investors: Welsh Carson Anderson & Stowe, Norwest
2024-04-02: Acquired
2019-02-14: Private Equity
2018-03-21: Private Equity
Recent News
Best ERP Software, Vendors, News and Reviews
2025-12-20
Company data provided by crunchbase