Senior GRC Analyst
$110k - $130kBlue J.
Senior GRC Analyst
Blue J is the leading generative AI solution for tax professionals. As a B2B SaaS company, our customers are accountants and tax experts who rely on our market-leading software to deliver fast, accurate, and defensible answers to complex tax questions. With the launch of our flagship generative AI product, we've consistently exceeded our revenue targets quarter over quarter and continue to accelerate our growth. Our product roadmap is ambitious, customer-focused, and designed to deliver exceptional value at speed. On the heels of our $122M USD Series D funding, we're racing ahead with an exciting product roadmap and are looking for a Senior GRC Specialist to support our growth. Reporting directly to our Senior Manager, GRC, this role will focus heavily on hands-on execution while also contributing ideas to mature our GRC program.
This role is primarily remote, with the expectation of occasional in-person meetings at our Toronto office and some travel for conferences.
This is a unique opportunity to be the hands-on GRC analyst at a high-growth SaaS company that already operates at a strong external standard (SOC 2 Type 2) and sells to discerning legal, tax, and public-sector clients. You'll unblock deals, strengthen our privacy & security posture across multiple jurisdictions (Canada, US, UK/EU), and create the headroom for the team to improve processes without sacrificing day-to-day responsiveness.
What You'll be Doing
- Security questionnaires / sales surveys end-to-end to help Sales move quickly and confidently.
- Support our annual SOC 2 Type 2 activities (evidence collection, control monitoring, audit coordination) and applicable privacy regulation obligations (such as GDPR/UK GDPR, PIPEDA, CCPA/CPRA, etc.).
- Monitor emerging AI-related laws and compliance frameworks to ensure Blue J remains aligned with evolving AI governance requirements; contribute to developing internal readiness in this rapidly growing regulatory space.
- Perform vendor due diligence (new & existing vendors/sub-processors), assess risk, document findings, and track remediation; maintain the vendor inventory.
- Maintain and improve policies & procedures (security, privacy, incident response, acceptable use, access, etc.), ensuring versions, ownership, and review cadence are clear.
- Risk analysis & risk register: run/refresh risk assessments, rate risks, propose controls, and report on trends and treatment status.
- Continuous improvement: identify pragmatic process upgrades that save time, reduce risk, and scale with growth while staying hands-on in daily execution.
What You Offer Blue J
- 3-5 years in GRC or closely related roles, with a bias for action and comfort working as a doer in a lean team.
- Proven experience with SOC 2 Type 2 audits.
- Strong background in vendor due diligence/TPRM, policy management, and risk assessment.
- Excellent written and verbal communication, including the ability to simplify complex compliance topics for customers and internal stakeholders.
- Experience in B2B SaaS, ideally startup/scale-up environments serving regulated or enterprise customers.
- Tooling familiarity with Drata, Vanta, and Jira, and other collaboration and compliance tools.
- Comfortable leveraging AI tools and emerging technologies to drive efficiency, improve workflows, and stay ahead of industry trends.
What We Offer You
- A rare opportunity to be an early team member shaping our security and compliance with visible business impact.
- A mission-driven culture where your work directly advances clarity, efficiency, and accessibility in tax research.
- Competitive base salary, stock options, and benefits designed to support you and your family.
- Flexibility in how you work: primarily remote, with occasional travel to our Toronto office.
- A collaborative, ambitious, and supportive team that values innovation, respect, and fun.
- The excitement of a fast-growing, well-funded company with clear momentum, and the resources to back bold initiatives.
The Core Values that Define Our Culture
- We are customer-focused
- We put the team interest before self-interest
- We are pleasant and playful
- We are open to better ideas
- We deliver on our promises
- We solve the toughest problems
What to Expect in the Interview Process
We anticipate a high volume of applicants for this role and are excited to grow our team. A human will review each application and get back to you as soon as possible. We appreciate your patience and look forward to connecting with you!
Interview Process
- Chat with Elli, Talent Acquisition Manager
- Meet Mark, Senior Manager, GRC
- Present your ideas to the team
- Meet Brett, CTO
- Meet Ben, CEO
We believe our strength is built on diversity of thought, and encourage candidates from all backgrounds and experiences to apply. We value inclusiveness and are an equal opportunity employer. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We strive to create an inclusive and accessible hiring experience for all candidates. If you need any accommodations during the interview process, please let us know in your application. Our team is dedicated to providing the necessary support and making reasonable adjustments to ensure a smooth process for everyone.
Compensation
The base pay range for this role is $110-$130k per year. This is a Level 3 in Blue J's career level framework. We use levels to define the expected scope, autonomy, impact, decision-making, and experience for each role. Final compensation will be set fairly and thoughtfully based on experience, expertise, and alignment with the role's responsibilities. While all candidates are expected to bring directly relevant experience, the top of the range is typically reserved for individuals who demonstrate exceptional depth in the role's core competencies, a strong track record of impact in similar environments, and the ability to operate with a high degree of autonomy from day one.
- ...scrutinize during procurement and something customers depend on to justify their trust. This role owns all of it. As our Senior GRC Analyst, you'll be the owner of Doppler's security and compliance program; maintaining our SOC 2 Type II and ISO 27001 certifications...SeniorRemote work
$130k - $160k
...Benepass | Candidate Resource Page Benepass Listed on Inc. Magazine's Best Workplaces of 2023 Team & Role As a Senior GRC Analyst at Benepass, you will help operate and mature the governance, risk, compliance, audit readiness, and customer assurance programs...SeniorWork at officeRemote workWork from homeFlexible hours- ...to its workforce, Kokosing is the winning team.Job Description:We are looking for a Security Governance, Risk, and Compliance (GRC) Analyst to support and mature our security and compliance programs across a large construction organization. This role focuses on maintaining...SeniorFor contractors
$140k - $165k
...while learning, having fun, and making a profound difference for the dreamers and builders in the world. We’re looking for a Senior GRC Analyst to serve as the primary architect for our expanding ISO ecosystem. As a Senior GRC Analyst at DigitalOcean, you will lead the...SeniorLocal areaWorldwideFlexible hours- ...Senior GRC Analyst Location: Atlanta, GA Need local with availibilty of onsite interview in required Type: 5-Month Contract (Possibility of Extension) GC/USC GRC frameworks (ISO 27001, NIST, GDPR, CMMC), risk assessment, compliance audits,...SeniorContract workLocal area
- ...Despite our growth and scale, we're still just getting started. That's where you come in. About the role We're hiring a Senior GRC Analyst to help scale Radar's security and compliance programs, with a focus on third-party risk and modern SaaS governance. You'...SeniorWork at officeRemote work
- ...Senior GRC Analyst Palo Alto, California Workato delivers enterprise infrastructure for the agentic era, redefining iPaaS and helping enterprises unify data, applications, processes, and AI into a single, governed platform. A leader in Enterprise MCP and trusted...SeniorRemote workFlexible hours
- ...The Role We Want You For Under the direction of and in collaboration with the GRC Manager, the Sr. GRC Analyst, Third-Party & Human Risk Management (TPHRM) is a risk focused, highly analytical role that ensures all human and third‑party risk to Clayco is identified, quantified...SeniorImmediate startFlexible hours
- ...entertainment related building projects. The Role We Want You For Under the direction of and in collaboration with the GRC Manager, the Sr. GRC Analyst, Risk Management is the primary owner and operational steward of the Enterprise Risk Register. This role is...SeniorFor contractorsImmediate startFlexible hours
$132k - $165k
...Senior GRC Analyst Remote Garner's mission is to transform the healthcare economy, delivering high-quality and affordable care for all. We are fundamentally reimagining how healthcare works in the U.S. by partnering with employers to redesign healthcare benefits...SeniorWork at officeRemote workFlexible hours$130k - $150k
...build with us at Crusoe. About This Role We're seeking a GRC Analyst to support the day-to-day execution of our Governance, Risk,... ...questionnaires and due diligence requests with guidance from senior team members Maintaining and updating audit and compliance...SeniorTemporary work- ...Senior GRC Analyst | Deltek, Inc You will be part of the GRC team responsible for assessment, audits of cloud environments, information systems, risk management, and security tools to ensure adherence to applicable frameworks, laws, and regulations. As a Senior GRC...SeniorRemote work
$130k - $160k
...Alumni Ventures is seeking a Senior GRC Analyst to operate and mature governance, risk, compliance, and audit readiness programs. This role involves collaboration across departments to ensure effective compliance practices. Ideal candidates have 5+ years in GRC and experience...SeniorRemote workFlexible hours$161.6k - $202k
...— and that responsibility demands a security and compliance program that scales with the business. We're building out our dedicated GRC team to improve and mature our program! You'll join the Security team and work across four pillars: security certifications (HITRUST...SeniorWork from homeFlexible hours- Forrester Research, based in Cambridge, MA, is seeking a Senior Analyst to deliver strategic advice and conduct research for risk management leaders. The ideal candidate will possess strong knowledge of risk practices, cyber risk quantification, and excellent communication...Senior
- Itlearn360 is seeking an experienced Third Party Governance, Risk and Compliance (GRC) Analyst in Los Angeles, CA. The ideal candidate should have at least three years of experience, preferably with Big 4 consulting or in regulated industries. This role involves executing...Senior
- A staffing agency based in Dallas, Texas is seeking a Senior Security Analyst to identify and mitigate security risks within the IT environment.... ...Information Security or IT and at least 3 years of experience in GRC/risk management. Competitive compensation and benefits...Senior
- Gilder Search Group is looking for a Sr. GRC Analyst focused on Third-Party & Human Risk Management in St. Louis, Missouri. The role ensures all human and third-party risks to Clayco are identified and treated appropriately. Key responsibilities include owning the TPRM...Senior
- A community-focused healthcare organization in California is seeking a Senior Analyst for IT Governance, Risk & Compliance. This role involves managing the Information Security GRC program, ensuring compliance with various regulations including HIPAA and PCI. Candidates...Senior
- PTR Global is seeking an experienced Information Security Analyst 4 for a contingent role based in Chandler, Arizona. This senior-level position emphasizes performing governance work related to data protection and enterprise risk management. Responsibilities include managing...SeniorContract work
- Crunchyroll is seeking an experienced Risk Analyst to support our Information Security GRC team. This role emphasizes governance, risk, and compliance, ensuring technology evolution aligns with employee needs and strategic goals. Successful candidates will have over 8 years...SeniorFlexible hours
- A leading fast food company in Columbus, OH, is seeking a Senior Analyst specializing in Governance, Risk & Compliance. This role involves collaborating across departments to develop and implement security measures, risk assessments, and compliance with regulations like...Senior
- Phase2 Technology is seeking a Senior Analyst to conduct research and provide strategic guidance for risk management leaders. The successful candidate will leverage their expertise in cyber risk quantification and risk management practices to deliver insights across multiple...Senior
- Gilder Search Group is looking for a Sr. GRC Analyst focusing on Third-Party & Human Risk Management in Atlanta, Georgia. This role involves risk analysis, compliance assessments, vendor management, and developing security awareness training. The ideal candidate has 6-8...Senior
- Sky Mavis is seeking a Senior GRC Analyst focused on Third-Party and Human Risk Management in St. Louis, Missouri. This role requires 6-8+ years of experience in Risk Assessment and Information Security, with strong analytical skills. You will lead the Vendor Risk Management...Senior
- Radar is hiring a Senior GRC Analyst in New York City to enhance security and compliance programs, focusing on third-party risk and SaaS governance. You will work with various teams to evaluate vendors, shape security strategies, and improve workflows, reporting to the...Senior
- Sky Mavis seeks a Sr. GRC Analyst in Phoenix, AZ, to manage Third-Party and Human Risk Management. This analytical role involves vendor risk assessment, security awareness training, and compliance evaluation, ensuring holistic risk management. Candidates should have significant...Senior
- Amynta Group in Fort Worth is seeking a Senior GRC Analyst to enhance its risk management and compliance program. This hybrid role requires an individual to assess information security risks and support audits across operations. The ideal candidate should possess a Bachelor...Senior
$119k - $193k
Phase2 Technology is seeking a Senior Analyst to conduct research and provide strategic advice to risk management leaders. The ideal candidate will possess a deep understanding of risk management trends, practices, and compliance management. This role involves producing...Senior- A global beverage solutions provider is seeking a Sr IT Governance Risk and Controls Analyst in Tampa, Florida. This role focuses on maintaining and improving the IT governance, risk, and compliance program, particularly in SOX compliance. Responsibilities include conducting...Senior
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior GRC Analyst. Be the first to apply!
- grc analyst United States
- senior licensing manager United States
- senior cloud service delivery manager United States
- senior business analyst contract United States
- senior product design engineer United States
- senior game producer United States
- senior software manager United States
- senior creative strategist United States
- senior manager business analytics United States
- senior marketing account manager United States

