Cybersecurity GRC - Compliance Analyst jobs in United States

Trimble Inc. · 1 day ago

Cybersecurity GRC - Compliance Analyst

Trimble Inc. is transforming the way the world works by delivering products and services that connect the physical and digital worlds. The Cybersecurity GRC - Compliance Analyst will be responsible for ensuring compliance with various security frameworks and conducting audits to maintain the integrity of Trimble’s product portfolio.

Indoor Positioning · Mapping Services · Navigation · Software · Web Hosting
Work & Life Balance
H1B Sponsor Likely

Responsibilities

Perform SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701 and ISO 42001 gap analyses and recommend process, procedural, documentation and tooling changes to remediate gaps
Improve Compliance and certification scope efficiency via review and enhancements of the Trimble Common Control Framework
Perform ISO 27001 & ISO 27701 Internal Audits
Perform SOC 1 & 2, NIST 800-171 Internal & External Audits
Contribute to annual policy revisions and maintenance of the IMS
Constantly coordinate with key business stakeholders and the external auditor
Present metrics derived from the Integrated Management System, audit results, trends in risk, and corrective action plans to senior leadership
Contribute to the creation of processes and procedures that increase efficiency of the overall compliance program across all standards and frameworks
Collaborate with Cybersecurity team members and Trimble businesses across various geographies
Contribute to risk management processes to ensure business risk posture is properly calculated and proactively managed
Produce and analyze information that will accurately demonstrate the risk posture of each business and drive actions to reduce and manage technical risks
Be able to understand and communicate technical risks to a broad set of stakeholders. Must be able to adjust delivery to the audience

Qualification

SOC 1 & 2 · NIST 800-171 · ISO 27001 · ISO 27701 · ISO 42001 · Risk management · Internal audits · External audits · Data Privacy · GRC tools · General IT knowledge · Analytical skills · Effective communication · Problem-solving · Team collaboration

Required

Familiarity with security frameworks and security control auditing, specifically SOC 1 & 2 and NIST 800-171
Experience with ISO 27001, ISO 27701, ISO 42001
Experience with risk assessments and scoring
Conducting gap analysis
Internal audits and external audit coordination
Ability to work 6 months on project-based work and 6 months on audits
Working knowledge of SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701 & ISO 42001
Designing audit controls spanning SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701 & ISO 42001
Ability to write policy and interpret complex business changes
Comprehensive understanding of risk management standards and guidelines
General IT knowledge (networking, cloud computing, software development)
General knowledge in Data Privacy (GDPR, CCPA and other regulations)
Ability to make effective, timely decisions with clear reasoning
Ability to quickly establish a broad understanding of an issue with limited available information
Excellent organizational and presentation skills
Effective communication skills (verbal and written) and time management skills
Flexible approach to working in a changing environment
Ability to work as part of a collaborative global team
2 years' experience working with SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701
Proficiency in English (written and oral)
2 years' experience in a risk management role, information security role or systems engineer/administrator role in a large, international software company
Hands-on experience with business and GRC tools such as: Jira Service Desk
Demonstrated experience in collecting information from disparate data sources and formulating into reports
Intermediate level experience with Windows and Linux/Unix operating systems
Intermediate level cloud knowledge within AWS, Azure and GCP
Intermediate level scripting knowledge and experience of Splunk and creating queries
Excellent analytical, problem-solving and decision making skills

Preferred

A relevant degree in Data Science, Computer Science or Engineering (Software or Electrical)
Current general security certifications (e.g., SEC+, GSEC) encouraged but not required
ISO 27001 Certified Internal / Lead Auditor and/or equivalent experience
Experience using AI to reduce manual processes and procedures

Benefits

Medical
Dental
Vision
Life
Disability
Time off plans
Retirement plans
Tax savings plans for health, dependent care and commuter expenses
Paid Parental Leave
Employee Stock Purchase Plan

Company

Trimble Inc.

Trimble is a global technology company that connects the physical and digital worlds, transforming the ways work gets done.

H1B Sponsorship

Trimble Inc. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (62)
2024 (61)
2023 (43)
2022 (52)
2021 (51)
2020 (34)

Funding

Current Stage
Public Company
Total Funding
$1.02B
Key Investors
Bank of America
2022-12-30 · Post-IPO Debt · $1B
2002-01-15 · Post-IPO Equity · $19.2M
1990-07-27 · IPO

Leadership Team

Robert Painter
Chief Executive Officer
Phillip Sawarynski
Chief Financial Officer
Company data provided by crunchbase