Security GRC Analyst
$96.3k - $145.2ksalesforce.com, inc.
Job Category Enterprise Technology & Infrastructure About Salesforce Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn't a buzzword – it's a way of life. The world of work as we know it is changing and we're looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforce's core values at the heart of it all. Experience The Security GRC Analyst role is part of our Security and Compliance team, sitting at the intersection of internal operations and external audit relationships. We are looking for a detail-oriented GRC Analyst to lead our Unified Audit program – keeping us compliant, audit-ready, and continuously improving across multiple frameworks. What You’ll Actually Be Doing Lead end-to-end Unified Audit program across SOC 2, HIPAA, ISO 27001, and GxP frameworks, coordinating schedules and minimizing duplication. Manage internal evidence collection by assigning tasks to control owners, tracking deadlines, validating submissions, and conducting pre-audit gap reviews. Serve as primary liaison with external auditors – scheduling walkthroughs, responding to information requests, and coordinating responses to findings. Maintain compliance dashboards, standard operating procedures, and documentation repositories to support continuous monitoring and audit readiness. You're Our Person If... 2–4 years of experience in GRC, compliance, audit, or information security, with hands‑on experience supporting or managing compliance audits. Working knowledge of at least two of the following frameworks: SOC 2, HIPAA, ISO 27001, or GxP. Proficiency with GRC tools, audit management platforms, and documentation systems (Microsoft Office Suite or Google Workspace). Clear communication with both technical and non‑technical stakeholders and the ability to manage multiple concurrent deadlines. Even Better If... Relevant certifications such as CISA, CRISC, CISSP, or ISO 27001 Lead Auditor/Implementer. Experience with unified or integrated audit programs, or a background in healthcare or life sciences. Hands‑on experience with GRC platforms such as Drata, Vanta, OneTrust, or ServiceNow GRC. Direct work with external audit firms in a compliance or security capacity. Accommodations If you need a reasonable accommodation during the application or the recruiting process, please submit a request via the Accommodations Request Form. Posting Statement Salesforce is an equal opportunity employer and maintains a policy of non‑discrimination with all employees and applicants for employment. Any employee or potential employee will be assessed on the basis of merit, competence, and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to recruiting, hiring, and promotion decisions at Salesforce. Compensation & Benefits In the United States, compensation offered will be determined by factors such as location, job level, job‑related knowledge, skills, and experience. The typical base salary range for this position is $96,300 – $145,200 annually. In select cities within the San Francisco and New York City metropolitan area, the base salary range for this role is $116,000 – $159,500 annually. The range represents base salary only and does not include company bonus, incentive, equity, or other benefits. Salesforce offers a variety of benefits to help you live well, including time‑off programs, medical, dental, vision, mental health support, paid parental leave, life and disability insurance, 401(k), and an employee stock‑purchasing program. Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider qualified applicants with arrest and conviction records. Salesforce believes in equitable compensation practices that reflect the dynamic nature of labor markets across regions. #J-18808-Ljbffr salesforce.com, inc.
$154k - $231k
...days per week; Lambda’s designated work from home day is currently Tuesday. What You’ll Do Validate and verify the organization’s security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure...SuggestedWork at officeLocal areaWork from homeFlexible hours$96.3k - $145.2k
Role Overview The Security GRC (Governance, Risk, and Compliance) Analyst role is part of our Security and Compliance team, sitting at the intersection of internal operations and external audit relationships. As a key partner to control owners and external auditors, you...SuggestedWork at office$95k - $130k
Overview Security GRC Analyst job at LiveRamp. San Francisco, CA. LiveRamp is the data collaboration platform of choice for the world's most innovative companies. A groundbreaking leader in consumer privacy, data ethics, and foundational identity, LiveRamp is setting the...SuggestedWork at officeRemote workWork from homeFlexible hoursNight shift$95k - $130k
LiveRamp is seeking a Security GRC Analyst in San Francisco to support security risk management, compliance, and reporting efforts. You will collaborate closely with various teams to address and mitigate risks while maintaining high compliance standards. The ideal candidate...SuggestedRemote job- Dormont Manufacturing Co is looking for a Cybersecurity Risk Manager in San Francisco to validate security controls and manage cybersecurity risk. You will work closely with technical and non-technical teams to enhance the organization’s cybersecurity posture. The ideal...SuggestedFlexible hours
- Ivo Inc. is seeking a GRC Analyst to support compliance and risk management initiatives in their San Francisco office. This is a crucial role designed to maintain Ivo's security compliance across multiple standards including SOC 2 Type II and ISO 27001. The successful candidate...Work at office
- United States Digital Space LLC is seeking a Security Risk and Compliance Analyst in San Francisco. You will enhance and operate compliance programs, focusing... .... This role offers a unique opportunity for those with GRC experience to refine technical skills while collaborating...
$96.3k - $145.2k
Centaur Labs is searching for a Security GRC Analyst to lead the Unified Audit program, ensuring compliance with frameworks such as SOC 2 and HIPAA. The ideal candidate will have 2-4 years of experience in GRC and must manage internal evidence collection and external audit...- ...Job Description Security Analyst - Endpoint Security & Infrastructure Location: Daly City, California, USA Work Mode: Onsite Employment Type: Full-Time Eligibility: Authorized to work in the US without sponsorship Experience: 5+ Years We...Full timeImmediate startShift work
$130k - $160k
...Role Overview As a Security Risk and Compliance Analyst you will play a hands‑on role in maturing and operating the company’s compliance and certification... .... This role sits at the intersection of traditional GRC work and compliance engineering: you will help maintain our...InternshipWork at officeLocal areaWork from homeWorldwide- ...Responsibilities Monitor the organization’s networks for security breaches and investigate a violation when one occurs. Install and use... ...caused by the breaches. Conduct penetration testing, which is when analysts simulate attacks to look for vulnerabilities in their systems...
$121.76k
A leading scientific institution in San Francisco is seeking a Senior Security Analyst to manage information security controls, focusing on cybersecurity and operational integration. The ideal candidate will have over 5 years of IT experience with extensive knowledge in...Full time$1,750 - $2,150 per month
...leading AI labs to engage experienced cybersecurity professionals — security analysts, penetration testers, incident responders, threat intelligence... .../GCP), or zero‑trust design Governance, risk, and compliance (GRC) — NIST, ISO 27001, SOC 2, FedRAMP Professional...Remote jobHourly pay$75k - $100k
...US, UK, Europe, Japan and Canada, and has been used for more than 500,000 patients worldwide. Overview The Heartflow Information Security team is responsible for security across our corporate and product environments, protecting our patient data and medical device ecosystem...Local areaWorldwideRelocation$121.76k
...world and empower them to protect it. About the Opportunity Reporting to the Director of Information Technology, the Senior Security Analyst is responsible for configuring, maintaining, and monitoring internal security controls to prevent, detect, and respond to cyber...Full timeContract work- Job43 - EITS Security Risk Analyst B (Engagement) Location: 100% Remote Max Submissions: 5 Proposed Start Date: ASAP Proposed End Date: 06/3... ...document internal risk reviews, assessments, and exceptions using a GRC tool . Governance & Compliance Document and maintain risk...Remote jobImmediate startFlexible hours
$175k - $220k
...LinkedIn, Monday.com, Nvidia, and Bridgewater. About the Team The Security team at LangChain treats compliance as a business enabler, not a... ...and renewals. What you’ll bring 5+ years in privacy, GRC, or security compliance, ideally with time at a Big 4 or advisory...Contract workWork at officeFlexible hours- Dormont Manufacturing Co is seeking a Workday Business Systems Analyst to join their team in San Francisco, California. You will be responsible... ...HRIS with a focus on Core HCM, Benefits, Compensation, and Security. The ideal candidate will possess 5+ years of experience in...
- DELTASOFT SOLUTIONS LLC seeks a remote EITS Security Risk Analyst B to bridge CISO initiatives and IT teams. The role involves developing risk metrics... ..., and have a strong understanding of EMR systems and GRC tools. Preferred qualifications include a Bachelor's degree in...Remote jobImmediate start
- ...of key verticals and horizontals. Responsibilities Monitors and analyzes network traffic, identifying and responding to potential security threats. Works with security teams to develop and implement security policies and procedures, and provides technical support to other...
- ...San Francisco is hiring an Information Systems and Technology Analyst to manage network and server infrastructure effectively. The role... ...are required, while knowledge of cloud solutions and information security is preferred. #J-18808-Ljbffr Payfuture Technologies
- We are seeking an experienced Information Security Risk Analyst to identify, assess, and communicate security risks across business processes and technologies. The ideal candidate will combine technical expertise with strong communication and organizational skills to support...
$120k - $155k
HackerOne is seeking a Product Security Analyst who will evaluate vulnerabilities with top security researchers. This remote position, ideally suited for candidates near major US cities, enables collaboration on security findings, guiding clients in vulnerability remediation...Remote job$130k - $155k
Cox Worldwide Funds plc is looking for a Trade Operations & Data Analyst to join the Investment Operations department in San Francisco. This role is pivotal for maintaining the integrity of security reference data and overall asset data quality. Successful candidates will...Work at officeWorldwide- ...Position: IAM Remediation & Identity Security Analyst Location: Remote (working PST hours) Contract: 6+Months Overview We are seeking an experienced Identity & Access Management (IAM) professional to support remediation efforts following a recent...Contract workRemote work
- ARMA International is seeking an Information Security Operations Analyst in Berkeley, California. The role demands strong IT skills and at least 5 years of experience, focusing on security operations and incident response. The ideal candidate will join a collaborative team...
- The University of California, Berkeley is hiring an Information Security Operations Analyst to enhance the protection of its information systems. Candidates must have at least 5 years in IT and 3 years in security operations, focusing on incident response and log analysis...Full time
- ...Job Description Remote Contract Role | Information Security Technical Analyst Duration: 1 year contract with possible extension pay Range: 50 -54.80/hour on w2 Description: This role is within the Security Governance, Risk, and Compliance (SGRC) team,...Contract workRemote work
- ...Job Title: Information Security Technical Analyst Location: Remote - West Coast - PST based. Pay Rate: $54.86/hr on w2 Paid Weekly! Initial Assignment Length: 12 Months (Extension is possible based on performance, attendance, and business need) Start Date...Weekly payRemote work
$1,750 - $2,150 per month
...Role Responsibilities Review and evaluate AI-generated outputs related to threat analysis, vulnerability assessment, and security architecture recommendations. Create realistic scenarios based on cybersecurity workflows such as incident response runbooks, threat...Hourly payContract workSummer workRemote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security GRC Analyst. Be the first to apply!
- bond analyst San Francisco, CA
- senior security analyst San Francisco, CA
- entry level security analyst San Francisco, CA
- IT security analyst San Francisco, CA
- security operations analyst San Francisco, CA
- security analyst intern San Francisco, CA
- network security analyst San Francisco, CA
- information security analyst San Francisco, CA
- junior security analyst San Francisco, CA
- security analyst San Francisco, CA

