GRC Analyst
$100k - $120kTyler Technologies, Inc.
ITSeattle,WashingtonUnited States Salary: USD 100000 - 120000 Annually Tyler Technologies is seeking a Governance, Risk, and Compliance (GRC) Analyst to support our Data & Insights (D&I) solutions within the Security team. This role offers a meaningful opportunity to own and evolve the compliance posture of Tyler’s D&I cloud platform, with a primary focus on sustaining and strengthening our FedRAMP Moderate Authorization to Operate (ATO) in an evolving regulatory landscape. In this role, you will serve as a central driver of audit readiness, continuous monitoring, and compliance program execution—partnering closely with Security, Engineering, Infrastructure & Release (TIRE), Legal, Privacy, and external assessors. You will operate in a fast-paced, results-driven environment where strong coordination, documentation quality, and risk-informed decision-making are essential to delivering secure, compliant, and resilient cloud services. The D&I team serves as Tyler Technologies' central hub for data, reporting, analytics, and artificial intelligence capabilities. Our teams build and maintain the foundational services and solutions that enable data-driven innovation across Tyler's product portfolio. We empower teams throughout the organization to incorporate advanced analytics, AI, and data-driven features into their products, ultimately helping government agencies make better decisions and serve their communities more effectively. Team members contribute their expertise to reduce complexity, introduce innovative solutions, and advance Tyler's data-driven future. Responsibilities Own FedRAMP Moderate authorization sustainment and audit readiness. Managing continuous monitoring (ConMon), POA&Ms, annual assessments, evidence quality, and overall ATO health. Lead readiness for evolving FedRAMP standards, including FedRAMP 20x. Tracking program changes, identifying compliance gaps, and coordinating documentation and process updates. Serve as the primary compliance program coordinator for the D&I Security team. Partnering across Security, Engineering, Infrastructure & Release (TIRE), Legal, Corporate Security and Privacy, and external assessors to deliver consistent, audit-ready outcomes. Own FedRAMP change management and authorization boundary governance. Managing Security Impact Analyses (SIAs), Significant Change Requests and Notifications (SCRs/SCNs), authorization boundary documentation, and federal / Authorizing Official (AO) communications. Support risk-based decision-making. Documentation of control exceptions, risk acceptances, and compensating controls in alignment with FedRAMP and organizational governance. Coordinate external assurance activities, including SOC 2 Type II assessments. Managing auditor engagement, evidence collection, findings tracking, and alignment with existing FedRAMP/NIST controls. Maintain the system-of-record for compliance documentation and artifacts. Owning the System Security Plan (SSP), ConMon plan, control narratives, diagrams, and appendices to ensure accuracy, traceability, and defensibility. Drive multi-framework compliance alignment across regulated environments. Supporting FedRAMP, CJIS, HIPAA, and GDPR through gap identification, baseline documentation, and evidence reuse. Plan and execute internal compliance assessments. Managing annual OWASP SAMM re-assessments, periodic Cloud Security Assessments (AWS Well-Architected), and internal CJIS audits to measure maturity and prevent compliance drift. Support D&I’s cloud security and Tyler’s security maturity initiatives. Managing applicable assessments and re-assessments, and aligning outcomes with broader security and compliance goals. Continuously improve compliance processes and maturity. Reducing manual effort, improving evidence quality, and preparing the organization for increased automation and reporting expectations. Qualifications Soft Skills Strong organization and prioritization skills. Ability to manage continuous monitoring, POA&Ms, evidence collection, change tracking, and audit deliverables across overlapping timelines without losing accuracy. Clear, accurate written and verbal communication. Ability to document controls and evidence clearly and explain compliance requirements, risks, and decisions to engineers, auditors, customers, and non-technical stakeholders. Collaborative, cross-functional working style. Comfort partnering with Security, Engineering, Infrastructure, Legal, Privacy, and external assessors to drive consistent, audit-ready outcomes. Detail-oriented with a systems-level perspective. Ability to track control requirements, dependencies, and boundary impacts while understanding how individual updates affect overall authorization health. Reliability and accountability. Consistently follows through on assigned work, maintains accurate records, meets deadlines, and communicates status, risks, or blockers early. Comfort working within structured frameworks and deadlines. Ability to operate effectively within FedRAMP, NIST, SOC 2, and similar frameworks, including audits, assessments, and recurring reporting cycles. Practical problem-solving mindset. Able to identify gaps, inconsistencies, or risks in documentation or processes and work with others to resolve them pragmatically. Proactive learning and openness to feedback. Willingness to build expertise in FedRAMP, NIST, CJIS, HIPAA, GDPR, and regulatory requirements over time and incorporate feedback into work. Adaptability and resilience. Ability to adjust to changing regulatory guidance, audit findings, and shifting priorities while maintaining quality and professionalism. Stakeholder- and trust-focused mindset. Appreciation for how strong compliance practices support customer trust, audit confidence, and long-term platform credibility. Tools and Technologies FedRAMP Moderate compliance and authorization tooling, including System Security Plans (SSPs), control narratives, continuous monitoring (ConMon) deliverables, POA&Ms, SARs, and other annual assessment artifacts. Experience working within FedRAMP repositories and maintaining audit-ready system-of-record documentation. NIST-based security frameworks, particularly NIST SP 800-53 Rev. 5, with the ability to map controls to technical and procedural implementations, evaluate control inheritance, and support baseline tailoring across regulated environments. Experience supporting regulated compliance programs, including FedRAMP Moderate, CJIS, SOC 2 Type II, HIPAA, and GDPR, with an emphasis on overlap analysis, evidence reuse, and consistency across frameworks. AWS cloud environments (working knowledge), including IAM, CloudTrail, AWS Config, Security Hub, GuardDuty, and VPC networking concepts, sufficient to assess compliance impact, authorization boundary changes, and shared responsibility considerations (not hands-on infrastructure ownership). Identity and access management concepts, including familiarity with NIST SP 800-63, 800-63A, 800-63B, and 800-63C; identity proofing, authentication assurance levels (IAL/AAL/FAL); federated identity models (SAML, OIDC, OAuth 2.0); and privileged access management fundamentals. Security monitoring and audit evidence sources, including SIEM and centralized logging platforms (e.g., Sumo Logic or equivalent), with experience evaluating alerting, log retention, and evidence quality for continuous monitoring and audit support. Vulnerability management workflows, including familiarity with scanning tools (e.g., Nessus, AquaSec, Invicti, Qualys, or equivalent), risk rating methodologies, remediation tracking, and POA&M lifecycle management in compliance-driven environments. Change management and security impact analysis processes, including Security Impact Analyses (SIAs), Significant Change Requests (SCRs/SCNs), authorization boundary documentation, and coordination of approval workflows with internal and external stakeholders. Secure development lifecycle (SDLC) and configuration management concepts, aligned with NIST SA, CM, and SI control families, with sufficient understanding to evaluate engineering practices, CI/CD security signals, and control effectiveness without acting as a primary implementer. Collaboration and documentation platforms, including Confluence and Jira for compliance tracking, evidence coordination, and audit workflows, and GitHub (or equivalent) for policy versioning, evidence references, and change traceability. Basic automation and reporting skills, including the use of spreadsheets, lightweight scripting, or GRC platform automation to improve evidence accuracy, reporting consistency, and delivery timelines. Ability to pass a federal background check and obtain and maintain CJIS clearance required. Other Bachelor's degree in Computer Science, Engineering, Mathematics, Information Systems, or a related field preferred Valued Certifications: CISSP, CCSP, CRISC, or CISA. Cloud or identity-focused certifications (e.g., AWS Security Specialty) are a plus. Equivalent experience in regulated, compliance-driven environments is valued over specific credentials. Candidates with less experience directly applicable to this position will be considered. You belong here! Not everyone checks every single box, and we encourage you to apply. #J-18808-Ljbffr Tyler Technologies, Inc.
$161.6k - $202k
...— and that responsibility demands a security and compliance program that scales with the business. We're building out our dedicated GRC team to improve and mature our program! You'll join the Security team and work across four pillars: security certifications (HITRUST...SuggestedWork from homeFlexible hours- ...Governance, Risk & Compliance (GRC) Analyst (AI Training) About the Role We're partnering with the world's leading AI research labs to build smarter, safer AI - and we need practitioners who know how compliance and risk management actually work inside real organizations...SuggestedHourly payOngoing contractContract workFreelanceRemote workWorldwideFlexible hours
- Our client is seeking a ServiceNow GRC Analyst to join their team. As a ServiceNow GRC Analyst, you will be part of the Enterprise Compliance department supporting the implementation and management of Governance, Risk, and Compliance (GRC) solutions. The ideal candidate...SuggestedWork at office
- A technology firm is seeking a Governance, Risk, and Compliance (GRC) Analyst to support its compliance posture, focusing on FedRAMP Moderate Authorization. The role involves audit readiness, compliance program execution, and collaboration with various teams. Strong organization...SuggestedRemote job
- Forrester is seeking a Senior Analyst in Seattle, WA, to provide strategic advice and conduct research for risk management leaders. Candidates should possess strong knowledge of risk management practices and expertise in cyber risk quantification, along with superior presentation...Suggested
$140k - $165k
...while learning, having fun, and making a profound difference for the dreamers and builders in the world. We’re looking for a Senior GRC Analyst to serve as the primary architect for our expanding ISO ecosystem. As a Senior GRC Analyst at DigitalOcean, you will lead the...Local areaWorldwideFlexible hours- Governance, Risk, & Compliance (GRC) Analyst (Senior or Lead) Company: The Boeing Company Boeing currently has an opening for a Governance, Risk, & Compliance (GRC) Analyst (Senior or Lead) that will play a key role in developing and maintaining enterprise policies, standards...Permanent employmentWork experience placementRelocation packageFlexible hoursShift work
- Boeing is seeking a Governance, Risk, & Compliance (GRC) Analyst either at the Senior or Lead level, located in Seattle, WA. This hybrid role involves developing and maintaining enterprise policies and control frameworks across various environments, and demands a rich...
- ManpowerGroup Global, Inc. is seeking a detail-oriented ServiceNow GRC Analyst to support the Enterprise Compliance department. This role focuses on implementing and managing Governance, Risk, and Compliance solutions, where you will analyze and maintain GRC data within...
- A prominent technology firm in Seattle is seeking a Governance, Risk, and Compliance (GRC) Analyst to enhance its data and insights solutions. The role emphasizes sustaining FedRAMP Moderate Authorization and requires strong organizational skills and collaboration across...
- ...missions worldwide. Job Description This position is contingent upon award of contract SOSi is seeking a Risk and Compliance Analyst to support mission requirements for a structured approach to further develop, integrate, and sustain a scalable, federated data...Full timeContract workFor contractorsRemote workWorldwide
- Risk Consultant Puget Sound Workers' Compensation Trust and Unemployment Pool (PSWCT/UP) seeks an experienced Risk Consultant to lead workplace safety and pre-loss initiatives aimed at cultivating a best-practice risk management culture to promote health and workplace...Local area
$120k - $165k
True Anomaly is looking for a driven Enterprise Risk Analyst in Long Beach, CA, to enhance its risk management capabilities. This role involves executing risk assessments, managing vendor risks, and collaborating across teams to ensure compliance with standards like NIST...- Technology Risk & Compliance Analyst (Cloud) Location: Seattle, WA. Key Responsibilities Serve as a senior contributor on client engagements related to IT risk management, audit, and compliance. Perform and oversee advanced testing of IT controls across infrastructure...Temporary workApprenticeship
$138.38k - $198.15k
**Join ERM as a Consulting Director and Shape the Future of Power and Renewables in California****ERM** is seeking a visionary **Consulting Director, Planner/Regulatory Specialist** to join our high-growth Capital Project Delivery team. This is more than a job—it's a leadership...Contract workFixed term contractCasual workWorldwideFlexible hours- ...About the job Risk Analyst As a Risk Analyst at VigorCare Pediatric Services, you will play a critical role in identifying and mitigating potential risks to the organization. You will be responsible for conducting risk assessments, developing risk management strategies...Work at office
$120k - $140k
This role is for someone who finds creative solutions to complex regulatory challenges and takes pride in developing innovative approaches that deliver measurable results. Working within LBS’ Legal and Compliance organization, the Manager serves as the primary trade compliance...Remote workWork from homeFlexible hours$157k - $235k
What You’ll Do: Case Management & Investigations Triage and scope all Integrity and Compliance (I&C) cases, assigning those outside the team’s purview and collaborating with stakeholders on owned cases. Gather case materials from HR, Legal, InfoSec, Global Security, and...Local area$157.9k - $315.9k
Workforce Classification Hybrid What you’ll do Set strategy and lead enterprise compliance Lead the design, development, and implementation of an enterprise-wide program to monitor compliance with applicable legal and regulatory requirements, including services delivered...Work experience placement$36.15 - $60.25 per hour
...Gesa Credit UnionRole Summary:The Experience Risk Management (ERM) Analyst supports the execution of the Credit Union’s Enterprise Risk... ...Microsoft Excel (data analysis), Word, and PowerPointFamiliarity with GRC tools or risk tracking systemsAbility to conduct risk...Contract work$85k - $100k
About Aristotle Aristotle is the leading political technology and data company in the world. Our team of experts comes from all facets of tech, political and corporate backgrounds to offer the most powerful tools to campaigns, elected officials, voters, government organizations...Full timeWork experience placementCasual workImmediate start$120k - $175k
Private Risk Advisor The USI Insurance Services Personal Risk Practice provides comprehensive risk management and insurance consultation to high net worth individuals and family offices with complex financial and insurance needs. The Private Risk Advisor (PRA) is an...Temporary workWork at officeLocal areaFlexible hours- An international consulting firm seeks a Senior Consultant for Risk Technology in Seattle. This role involves designing and implementing risk management solutions using ServiceNow IRM and leading cross-disciplinary projects. Ideal candidates have a relevant educational ...
$88.92k - $159.6k
...designing policies, building systems, and managing operations that safeguard platform integrity. Role Overview As a Regional Risk Analyst, you will serve as the regional risk owner, responsible for building, improving, and monitoring business processes that detect and...Temporary work$75k - $160k
At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities.Every day we honor our iconic brand by offering quality coverage to millions of customers and being there when they need us most. We thrive through relentless innovation to exceed...Hourly payWork experience placementLocal areaFlexible hours- If you are unable to complete this application due to a disability, contact this employer to ask for an accommodation or an alternative application process. Third-Party Risk Management Program Officer Regular Full-Time Compliance Hillsboro, OR, US 1 Attachments 6 days...Full timePart timeWork experience placement
$119k - $193k
About This Role: Forrester is currently looking for a Senior Analyst to conduct research and deliver strategic advice for risk management... ...in compliance management, internal or external audit, and GRC platforms is strongly desired. The successful candidate researches...For contractors$163.2k - $220.8k
Wilson Sonsini is the premier legal advisor to technology, life sciences, and other growth enterprises worldwide. We represent companies at every stage of development, from entrepreneurial start-ups to multibillion-dollar global corporations, as well as the venture firms...Work experience placementWorldwideShift work$75k - $160k
Responsibilities Apply insider risk mitigation strategies. Lead complex, sensitive insider threat investigations from signal to evidence, timeline, interviews, documentation, and team handoff. Design and execute proactive threat hunts and convert findings into actionable...Hourly payWork experience placementLocal area$146.18k - $153.8k
Responsibilities Forecast financial trends to support strategic decision‑making. Evaluate and optimize the effectiveness of credit policies and outcomes. Develop customer risk segments to improve credit management and performance. Utilize statistical segmentation techniques...Work experience placementWork at officeLocal areaRemote work3 days per week
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to GRC Analyst. Be the first to apply!

