GRC Analyst

Company Overview MACOM designs and manufactures semiconductor products for Data Center, Telecommunication, and Industrial and Defense applications. Headquartered in Lowell, Massachusetts, MACOM has design centers and sales offices throughout North America, Europe, and Asia. MACOM is certified to the ISO9001 international quality standard and ISO14001 environmental management standard. MACOM has more than 75 years of application expertise with multiple design centers, Si, GaAs, and InP fabrication, manufacturing, assembly and test, and operational facilities throughout North America, Europe, and Asia. Click here to view our facilities. MACOM sells and distributes products globally via a sales channel comprised of a direct field sales force, authorized sales representatives, and leading industry distributors. Our sales team is trained across all of our products to give our customers insights into our entire portfolio. Position Overview We are seeking a motivated and detail-oriented GRC Analyst to join our Information Security team. This role will support the organization’s governance, risk, and compliance initiatives, focusing on regulatory and framework alignment, third‑party risk management, risk lifecycle processes, and policy governance. The ideal candidate will have foundational knowledge of information security principles, strong analytical skills, and a willingness to learn and grow within the GRC space, especially in platforms such as ServiceNow GRC. Key Responsibilities Compliance & Framework Support Assist in the implementation, maintenance, and monitoring of compliance frameworks (e.g., NIST, ISO 27001, SOX, SOC2, CIS, etc.) Support internal and external audit activities, including evidence collection and control validation Track and report on compliance status, gaps, and remediation efforts Third‑Party Risk Management (TPRM) Conduct vendor risk assessments and due diligence reviews Analyze third‑party security posture and identify potential risks Maintain vendor inventory and track risk treatment activities Collaborate with business owners to ensure appropriate risk mitigation Risk Management Support the execution of the Information Security risk management lifecycle Assist with risk identification, assessment, documentation, and tracking Help maintain risk registers and ensure risks are properly escalated and monitored Partner with stakeholders to support risk remediation planning Policy Governance Assist in drafting, reviewing, and maintaining information security policies, standards, and procedures Facilitate policy review cycles, approvals, and documentation updates Ensure alignment with regulatory requirements and industry best practices GRC Tooling & Process Support Support and learn the administration and use of ServiceNow GRC Assist in configuring workflows, tracking activities, and improving GRC processes Help identify opportunities for automation and process optimization Qualifications: Required Bachelor’s degree in Information Security, Cybersecurity, IT, or related field (or equivalent experience) 1–3 years of experience in information security, risk, compliance, or audit (internships acceptable) Basic understanding of security frameworks and regulatory requirements Strong analytical, organizational, and documentation skills Excellent written and verbal communication skills Preferred Exposure to frameworks such as NIST, ISO 27001, SOC 2, or CIS Security or compliance certifications (e.g., CISM, CRISC, CISSP, CGEIT, or CISA). Experience with third‑party risk management processes Familiarity with risk management concepts and methodologies Exposure to GRC tools (ServiceNow GRC preferred, but not required) Key Competencies Detail‑oriented with strong follow‑through Ability to manage multiple priorities and deadlines Collaborative mindset with cross‑functional teams Curiosity and willingness to learn new tools and frameworks Strong problem‑solving and critical‑thinking skills Why Join Us Opportunity to grow within a maturing GRC program Exposure to a wide range of security, compliance, and risk disciplines Hands‑on experience with industry‑standard tools like ServiceNow GRC Collaborative and supportive team environment EEO: MACOM is an Equal Opportunity Employer committed to a diverse workforce. MACOM will not discriminate against any worker or job applicant on the basis of race, color, religion, sex, gender identity, sexual orientation, national origin, age, disability, genetic information, veteran status, military service, marital status, or any other category protected under applicable law. Reasonable Accommodation: MACOM is committed to working with and providing reasonable accommodations to qualified individuals with physical and mental disabilities. If you have a disability and are in need of a reasonable accommodation with respect to any part of the application process, please call View phone number on click.appcast.io or email View email address on click.appcast.io. Provide your name, phone number and the position title and location in which you are interested, and nature of accommodation needed, and we will get back to you. We also work with current employees who request or need reasonable accommodation in order to perform the essential functions of their jobs. ITAR Due to ITAR regulations, only candidates who are U.S. Persons (U.S. citizens, U.S. nationals, lawful permanent residents, or individuals granted asylum or refugee status) will be considered for this position. RSU Eligible This position is eligible to receive restricted stock unit (RSU) awards and cash bonuses, solely at MACOM’s discretion, subject to individual and company performance. Salary Range The salary range for this position is $78,000–$125,000. Actual salary offered to a candidate will depend on several factors, including but not limited to, work location, relevant candidates’ experience, education, and specific knowledge, skills, and abilities. Benefits: This position offers a comprehensive benefits package including but not limited to: Health, dental, and vision insurance. Employer-sponsored 401(k) plan. Paid time off. Professional development opportunities. #J-18808-Ljbffr