Governance, Risk, and Compliance (GRC) Analyst (1042) - Department of Technology
$138.68k - $174.43kCity and County of San Francisco
Governance, Risk, and Compliance (GRC) Analyst (1042) - Department of Technology Apply through the City and County of San Francisco SmartRecruiters portal. Application deadline: 11:59 PM PST, Wednesday, October 29, 2025. About Department of Technology The Department of Technology (DT) is the centralized technology services provider for the City and County of San Francisco, supporting public safety, municipal broadband, cybersecurity, cloud solutions, and more. Benefits of Working for CCSF Competitive pay, benefits, and retirement options Career growth opportunities through training, internal mobility, and subsidized education Diverse work environment in a diverse city Hybrid work schedule Responsibilities Perform cyber risk assessments against City cybersecurity requirements. Conduct vendor risk assessments to evaluate security posture of vendors. Support the cyber awareness training and education program, including phishing simulations. Track and monitor risk mitigation plans. Develop routine reports in accordance with GRC metrics. Coordinate with technology and business groups to assess, implement, and monitor IT‑related security risks/hazards. Conduct technical research to aid in threat assessment or risk mitigation activities. Perform assessments of adherence to standards. Review policies and supporting procedures/processes. Stay up‑to‑date on industry changes related to security. Appointment Type Permanent Exempt (PEX), Full Time. This position is excluded by the Charter from the competitive civil service examination process and will serve at the discretion of the appointment officer. The anticipated duration is 36 months and will not result in an eligible list or permanent civil service hiring. Work Location Primary location: Department of Technology, 1 S Van Ness Ave, San Francisco, CA 94103. Occasional travel to other City sites may be required. Nature of Work Hybrid work schedule may be offered. Traveling within San Francisco may be required. How to Qualify Minimum Qualifications Associate degree in computer science, computer engineering, information systems, or a closely related field from an accredited college or university, OR equivalent in credit units. One (1) year of experience analyzing, installing, configuring, enhancing, and/or maintaining enterprise network components. Substitution: Each year of relevant experience may substitute for one year of academic training, up to a maximum of two (2) years. Completion of the 1010 Information Systems Trainee Program may substitute for the required degree. Desirable Qualifications 1–2 years working in a cyber GRC role. Experience with risk analytics within IT. Familiarity with cybersecurity frameworks (NIST CSF/RMF, NIST 800‑53, FedRAMP, etc.). Familiarity with security standards (e.g., HIPAA, PCI‑DSS, etc.). Familiarity with vendor risk management assessments (e.g., SOC 2, CAIQ, etc.). Comfortable discussing technical topics. Proficiency in Excel or similar. Ability to define and communicate risk in business‑relevant language. Excellent verbal and written communication skills. Experience communicating IT risk concepts to non‑technical people. Knowledge of quantitative risk management, including the Factor Analysis of Information Risk (FAIR). Familiarity with GRC platforms (e.g., SNOW, LogicGate, OneTrust, etc.). Security certifications (e.g., Security+, CISA, CISM, CRISC, etc.). Preferred skills in SharePoint and reporting services. Knowledge of privacy concepts. Verification Applicants may be required to submit verification of qualifying education and experience. Written verification must be on official letterhead, signed by the employer. Selection Procedures Evaluation of applications will consider minimum requirements and assess knowledge, skills, and abilities. Additional screening may be used. Interviews and written or performance exercises may be part of the process. Compensation $66.6750 – $83.8625 (hourly) | $138,684 – $174,434 (annually) EEO Statement The City and County of San Francisco encourages women, minorities, and persons with disabilities to apply. Applicants will be considered regardless of sex, race, age, religion, color, national origin, ancestry, physical or mental disability, medical condition, HIV/AIDS status, genetic information, marital status, sexual orientation, gender identity, gender expression, military and veteran status, or any other protected class. Additional Information Regarding Employment All information will be kept confidential according to EEO guidelines. #J-18808-Ljbffr City and County of San Francisco
$135k - $165k
...Ivo is an AI-powered contract review and legal technology company transforming how organizations review, negotiate,... ...continue to scale, we are looking for a highly motivated Governance, Risk & Compliance (GRC) Analyst to support and mature Ivo's security compliance and...SuggestedContract workFlexible hours- City and County of San Francisco seeks a Governance, Risk, and Compliance Analyst for the Department of Technology. This position focuses on conducting cyber risk assessments and vendor evaluations while supporting security training and education programs. The ideal candidate...SuggestedFull time
$161.6k - $202k
...that responsibility demands a security and compliance program that scales with the business. We're building out our dedicated GRC team to improve and mature our program! You... ..., SOC 2, PCI-DSS, HIPAA), third-party risk management, security awareness training, and...SuggestedWork from homeFlexible hours$150k - $180k
...Role We're looking for a GRC Analyst to join our growing... ...the backbone of all the compliance work at the... ...translates security and risk into terms that the business... ...your start date* $600 technology stipend to support a portion... ..., if necessary, the Department of Homeland Security (...SuggestedFull timeImmediate startRemote workWork from homeFlexible hours- Simile in San Francisco is seeking a Governance, Risk, and Compliance (GRC) Analyst to ensure the integrity of our AI systems. The role revolves around developing security policies, managing compliance, and fostering a culture of security awareness across the company....Suggested
$110k - $140k
Security Compliance Analyst Manage Hive’s current risk management program Manage external and internal audits,... ...Participate in building a comprehensive Governance, Risk and Compliance program... ..., access management and general technology process controls. Provide compliance...- Ivo Inc. is seeking a GRC Analyst to support compliance and risk management initiatives in their San Francisco office. This is a crucial role designed... ...successful candidate will have 3-5 years of experience in Governance, Risk & Compliance, and be skilled in audits and...Work at office
- United States Digital Space LLC is seeking a Security Risk and Compliance Analyst in San Francisco. You will enhance and operate compliance programs... .... This role offers a unique opportunity for those with GRC experience to refine technical skills while collaborating with...
$96.3k - $145.2k
Job Category Enterprise Technology & Infrastructure About Salesforce Salesforce is the #1 AI CRM, where humans... ...at the heart of it all. Experience The Security GRC Analyst role is part of our Security and Compliance team, sitting at the intersection of internal operations...Work at office$122k
...173293 Job Category: Compliance / Risk / Quality Assurance Job... ...Job Location: Oakland Department Overview The Compliance Strategy and Governance department in Enterprise... ...and Compliance Expert Analyst is focused on... ...Risk, and Compliance (GRC) solutions. PG&E Corporation...Contract workWork experience placementWork at officeRemote work- Perplexity is seeking a highly experienced Governance, Risk & Compliance Analyst to join our world-class team. You will help shape our compliance and risk... ...to additional compliance frameworks Build internal GRC platform and tooling Conduct risk assessments and mitigate...Full time
$216k - $252k
About The Team Governance, Risk, and Compliance (GRC) is foundational to Security delivering mission outcomes at OpenAI. The GRC team provides security assurances and builds compliance for OpenAI’s technology, people, and products. We are technical in what we build but...$95k - $130k
Overview Security GRC Analyst job at LiveRamp. San Francisco... ...of rapidly evolving compliance and privacy... ...is designed to reduce risk in alignment with business... ...of Global Security Governance, Risk and Compliance... ...techniques, and security technologies by attending...Work at officeRemote workWork from homeFlexible hoursNight shift$134k - $202k
...our community, or shaping our story, you’ll help define what comes next. About the role: We are looking for a GRC Analyst to join our Governance, Risk & Compliance (GRC) team. You will have the opportunity to manage and maintain ongoing compliance with security and...Work at officeRemote workWork from homeWorldwideMonday to FridayFlexible hours$130k - $150k
...that believes in each other, come build with us at Crusoe. About This Role We’re seeking a GRC Analyst to support the day-to-day execution of our Governance, Risk, and Compliance program. Reporting to the Head of GRC, this role focuses on operational compliance activities...Temporary work$125k - $200k
...and Guillermo Rauch. About the Role GRC at Simile means acting as the... ...secure and compliant. You will connect governance, risk management, and compliance to protect our organization and our... ...& Audits: Act as a Customer Trust Analyst to address security-related inquiries...Flexible hours$65 - $85 per hour
...Senior GRC Analyst – Security & Compliance LHH Recruitment Solutions is partnering with a high-growth, cloud-native... ...to take ownership of a growing governance, risk, and compliance program within an innovative technology environment. The organization is building...Contract workTemporary workWork at officeLocal area$132k - $178k
...Enterprise Risk Analyst Denver, CO or Long Beach, CA... ...ambition to build the technology that secures it. True... ...engineering, security, legal, compliance, and operations teams... ..., enterprise GRC platforms, and MS Project... ...interactions, and government partner reviews....Permanent employmentContract workWork at office- ...Risk Management Analyst Integrated Resources, Inc is a premier staffing firm recognized as one of the tri-states most well-respected professional... ...quality resources in four specialty areas: Information Technology (IT), Clinical Research, Rehabilitation Therapy and...
$120k - $135k
...team: As an Senior Actuarial Analyst on the Pricing team, you will be working under the risk function with talented team members... ...loves what they do, leverages technology to improve efficiency &... ...science, claims or other analytical departments to solve complex business...$135k - $165k
Icehouseventures is seeking a proactive GRC Analyst to join our team in San Francisco. This role will support compliance and risk management initiatives essential for maintaining high security standards. The ideal candidate will have 3-5 years of experience in GRC and relevant...Contract work- Salesforce.com, inc. is seeking a detail-oriented Security GRC Analyst to join their Security and Compliance team. In this role, you will lead the Unified Audit program ensuring compliance across various frameworks like SOC 2 and HIPAA, while managing evidence collection...
- Youcom is seeking a GRC Analyst to support the compliance function within our Security, IT, and Privacy team. This role focuses on managing compliance... ...candidate will coordinate audit activities, conduct vendor risk assessments, and ensure compliance policies are...Flexible hours
$150k
Crusoe Energy Systems LLC is looking for a GRC Analyst in San Francisco, CA to support their Governance, Risk, and Compliance program. The role includes managing user access reviews, supporting audits, and leveraging AI tools for process improvements. Ideal candidates...$193.8k - $228k
Senior GRC Analyst II job at Carta. San Francisco, CA. The Problems You'll Solve As a Senior GRC Analyst... ...and accordingly establish and maintain governance and risk frameworks. You will build and run security compliance programs to measure and reduce risk, report compliance...Full time- Ivo is looking for a detail-oriented Governance, Risk & Compliance (GRC) Analyst in San Francisco. The ideal candidate will support compliance programs such as SOC 2 Type II and ISO 27001 while managing audits and risk assessments. This onsite role offers a competitive...
$49.04 - $66.35 per hour
...Compliance Analyst Wilson Sonsini is the premier legal advisor to technology, life sciences, and other growth enterprises worldwide. We... ...to join our growing Finance Department. This position will oversee the... ...Counsel Guidelines Risk assessment on new and existing...Hourly payWorldwide- A prominent AI research firm based in San Francisco is seeking an AI Emerging Risks Analyst to analyze and mitigate potential risks related to AI technologies. The successful candidate will leverage a strong background in trust and safety to develop actionable intelligence...
- A technology services provider is seeking a Fraud Analyst in San Francisco or Portland. The role involves analyzing fraud risks, optimizing alerting strategies, and collaborating with various business units. Applicants should have over 5 years of experience in risk analysis...
- ...Team The Financial Crime Compliance (FCC) team at Airwallex... ...program, sanctions framework, risk assessment methodology, and governance infrastructure across... ..., NYDFS, state banking departments, and FINTRAC). Oversee... ...and Risk Committee (GRC). Provide strategic regulatory...Local areaWorldwideShift work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Governance, Risk, and Compliance (GRC) Analyst (1042) - Department of Technology. Be the first to apply!
- risk officer San Francisco, CA
- it risk analyst San Francisco, CA
- risk analyst San Francisco, CA
- senior quantitative risk analyst San Francisco, CA
- risk consultant San Francisco, CA
- risk compliance officer San Francisco, CA
- operational risk specialist San Francisco, CA
- governance risk & compliance analyst San Francisco, CA
- operational risk consultant San Francisco, CA
- third party risk analyst San Francisco, CA

