Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Sr. Cyber Governance, Risk & Compliance Analyst

$117k - $151k

Vuori

Sr. Cyber Governance, Risk & Compliance Analyst

Vuori is re-defining what athletic apparel looks like: built to move and sweat in but designed with a casual aesthetic to transition into everyday life. We draw inspiration from an active coastal California lifestyle; an integration of fitness, creative expression and life. Our high energy fast paced retail environment is reflected in the clothes we make. We aim to inspire others to take on all aspects of their lives with clarity, enthusiasm and purposewhile having a lot of fun along the way. We are proud to be an outlet for opportunity and for personal growth and success.

The Senior Cyber Governance, Risk & Compliance Analyst is a senior level security professional whose primary responsibility is to design, operate, and continuously mature the organization's Third?Party / Vendor Risk Management (TPRM) program. In this role, the analyst serves as an embedded risk partner to the business, driving consistent, high?quality vendor risk outcomes across the full third?party lifecycle.

While TPRM is the core focus of this role, the analyst is also expected to contribute meaningfully across other Information Security and Privacy domains as needed, including privacy operations, cyber governance, risk and compliance (GRC), and security operations. This role is ideal for a practitioner who enjoys vendor risk but is comfortable flexing across adjacent security functions in a fast-moving environment.

What you'll get to do:

Third?Party / Vendor Risk Management (Primary Focus)

  • Design, implement, operate, and continuously mature the Third?Party Risk Management program, evolving it from a reactive, compliance driven function into a proactive, risk-based capability.
  • Execute and oversee the full third-party risk lifecycle, including onboarding, inherent and residual risk assessments, due diligence, periodic reviews, contract risk review, issue management, remediation tracking, and ongoing monitoring.
  • Perform deep technical security and risk assessments of third parties, including cloud services, SaaS platforms, infrastructure providers, and technology vendors.
  • Review and interpret security assurance artifacts such as SOC 2 Type II reports, penetration test reports, CAIQ, SIG, ISO certifications, and other compliance attestations.
  • Evaluate complex vendor solutions, including API integrations with critical internal systems, cloud native architectures (AWS, Azure, GCP), and AI/ML platforms.
  • Assess and manages emerging third-party risks, including artificial intelligence risks such as data provenance, model integrity, data leakage, and secure handling of proprietary or regulated data.
  • Lead end-to-end issue and remediation management, ensuring accountability, effectiveness, and timely closure of identified control gaps.
  • Develop and maintain TPRM standards, playbooks, governance models, escalation paths, and operating procedures aligned with regulatory expectations and business needs.
  • Build and deliver meaningful reporting, dashboards, and metrics that provide leadership with clear visibility into third-party risk posture, trends, and decision points.

Privacy & Data Protection (Primary Focus)

  • Support privacy operations, including Data Subject Requests (DSRs), Data Protection Impact Assessments (DPIAs), and data mapping initiatives.
  • Partner with Privacy and Legal stakeholders to assess vendor and internal data processing risks and ensure appropriate safeguards are in place.
  • Contribute to privacy related risk assessments, controls validation, and remediation tracking as needed.

Cyber Governance, Risk & Compliance (Supporting Responsibility)

  • Support cyber GRC activities, including tracking information security risks, risk exceptions, and remediation plans.
  • Assist with the implementation and ongoing operation of security and risk management frameworks (e.g., NIST, ISO, SOC 2).
  • Contribute to audit and assurance activities by providing risk assessments, evidence, and clear articulation of control posture.

Security Operations & Enablement (Supporting Responsibility)

  • Provide support to information security operations as needed, including incident response activities, impact analysis, and post incident follow?up.
  • Contribute to security awareness and training initiatives, helping translate risk themes into actionable guidance for the business.
  • Assist with cross functional security initiatives during periods of increased demand or emerging risk.

Business Partnership & Advisory

  • Serve as a trusted risk advisor to vendor relationship owners and senior stakeholders, reducing their operational burden while preserving clear risk ownership and accountability.
  • Partner closely with Legal, Compliance, Procurement, Technology, and Security teams to synthesize requirements and deliver practical, risk?appropriate solutions.
  • Review vendor contracts and summarize risk?relevant provisions, control obligations, and gaps, partnering with Legal to support risk?informed contract decisions.
  • Escalate material risks, delays, or control gaps thoughtfully and early, framing issues in clear business terms and presenting well?defined options for decision?making.

Qualifications

Who you are:

  • 7+ years of progressive experience in Information Security, Third?Party Risk Management, Vendor Risk Management, GRC, or Operational Risk.
  • Demonstrated experience owning, building, or leading a Third?Party / Vendor Risk Management program.
  • Bachelor's degree in information security, Computer Science, Business Administration, or a related field or equivalent practical experience.
  • Strong experience conducting security risk assessments, assurance reviews, audits, and remediation management.
  • Deep technical understanding of cloud, SaaS, infrastructure, and AI vendor risk.
  • Hands on experience reviewing SOC 2, ISO 27001, penetration test reports, CAIQ, SIG, and similar security documentation.
  • Strong written and verbal communication skills, with the ability to translate technical risk into a clear business context for diverse audiences, including senior leadership.
  • Proven ability to work autonomously, manage competing priorities, and drive outcomes in a fast paced environment.

Additional Information

Our investment in you:

At Vuori, we're proud to offer the following to our employees:

  • Health Insurance
  • Savings and Retirement Plan
  • Employee Assistance Program
  • Generous Vuori Discount & Industry Perks
  • Paid Time Off
  • Wellness & Fitness benefits

The salary range for this role is $117,000 per year - $151,000 per year.?This role is bonus eligible.

Vuori is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

All your information will be kept confidential according to EEO guidelines.

Vuori
Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Sr. Cyber Governance, Risk & Compliance Analyst in Carlsbad, CA vacancy
  •  ...Risk Management Program Coordinator This position's responsibilities include planning...  ...procedures. Monitoring programs for compliance with existing and new laws; analyzing...  ...required. Interaction with regulatory and government agencies and officials; consultants and... 
    Senior
    Work at office
    Local area

    Government Jobs

    Encinitas, CA
    4 days ago
  • $90.5k - $143k

     ...IT Risk Senior Analyst One team. Global challenges. Infinite opportunities. At Viasat, we'...  ...helped shape how consumers, businesses, governments, and militaries around the globe...  ...for integrating IT risk management and compliance into enterprise technology transformation... 
    Senior
    Work at office
    3 days per week

    Viasat

    Carlsbad, CA
    2 days ago
  • $74.9k - $96.29k

     ...Risk & Insurance Analyst The Risk and Insurance Analyst support Vuori's risk management function by combining hands-on claims management...  ...outstanding and completed transactions Legal Affairs & Corporate Compliance Management Support the operational compliance of... 
    Suggested

    Vuori

    Carlsbad, CA
    1 day ago
  • $102.17k

     ...the Trinnex Security Team as a Senior Cyber Security Analyst, where you will operate at the intersection...  ...reviews of security controls and compliance with regulatory and security frameworks...  ...analysis (SCA), open-source risk management, and vulnerability remediation... 
    Cyber
    Senior
    H1b

    Trinnex

    Carlsbad, CA
    1 day ago
  • $115.26k - $149.16k

     ...support of global commercial and clinical programs. Identify CMC risk areas and suggest alternative scenarios and course of action....  ...guidelines to ensure that regulatory submissions are in compliance with applicable regulations. May be responsible for ensuring that... 
    Senior
    Work at office
    Local area
    Immediate start
    Remote work
    Relocation
    Flexible hours

    Kite Pharma

    Oceanside, CA
    3 days ago
  • $82.5k - $153k

     ...the space, air, land, sea and cyber domains in the interest of...  ...Perform Monte Carlo Schedule Risk Assessment (SRA) on key programs...  ...and written. In compliance with pay transparency requirements...  ...employment may be subject to government security investigation(s) and... 
    Cyber
    Senior
    Contract work
    For contractors
    For subcontractor
    Local area
    Flexible hours

    L3Harris Technologies

    Carlsbad, CA
    3 days ago
  • $134k - $184k

     ...research and analysis of vulnerabilities in cyber physical systems. Work must be performed...  ...U.S. citizenship is needed by the U.S. Government Bachelors Degree in Computer Science,...  ...and satisfy the requirements for compliance with export control and other applicable... 
    Cyber
    Senior
    Full time
    Work experience placement
    Local area
    Night shift

    Science & Technology Research (STR)

    Carlsbad, CA
    3 days ago
  •  ...the space, air, land, sea and cyber domains in the interest of...  ...troubleshooting, qualification, and compliance-related activities for...  ...integration issues, reduce technical risk, and support program...  ...employment may be subject to government security investigation(s) and... 
    Cyber
    Senior
    Local area

    L3Harris Technologies

    Carlsbad, CA
    15 hours ago
  •  ...the space, air, land, sea and cyber domains in the interest of...  ...troubleshooting, qualification, and compliance-related activities for...  ...integration issues, reduce technical risk, and support program...  ...employment may be subject to government security investigation(s) and... 
    Cyber
    Senior
    Local area

    Harris Geospatial Solutions

    Carlsbad, CA
    10 hours ago
  • $93k - $117k

     ...procurement operations across defense and government programs Serve as a subject matter...  ...create and manage purchase orders and ensure compliance. Maintain accurate and complete...  ...intelligence, and national security in: cyber; next generation sensors, radar, sonar,... 
    Cyber
    Senior
    Full time
    For subcontractor
    Local area
    Night shift

    Science & Technology Research (STR)

    Carlsbad, CA
    1 day ago
  • $60k - $112k

     ...management of materials to support our Intel and Cyber operations. In this role, the...  ...practices; 5S, six sigma, etc In compliance with pay transparency requirements, the...  ...conditional offer of employment may be subject to government security investigation(s) and must meet... 
    Cyber
    Senior
    Local area
    Flexible hours

    L3Harris Technologies

    Carlsbad, CA
    15 hours ago
  • $115.26k - $149.16k

    Kite Pharma is seeking a Regulatory Affairs CMC professional in Oceanside, CA to prepare regulatory submissions and ensure compliance with policies. This role supports CMC operations and lifecycle management for investigational and commercial products. Applicants should... 
    Senior
    Remote job
    Flexible hours

    Kite Pharma

    Oceanside, CA
    3 days ago
  • $225k - $289k

     ...Senior Director, Enterprise Information Management & AI Governance This is a strategic enterprise leadership role responsible for modernizing...  ...understand how data, process, technology, business context and risk intersect, and they will know how to create transformative... 
    Senior
    Temporary work

    Thermo Fisher

    Carlsbad, CA
    1 day ago
  • $117k - $185k

     ...than 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the globe communicate. We’re looking for...  ...full‑stack software engineer in the developing networking and cyber security products for diverse customer based. You will join a... 
    Cyber

    ViaSat

    Carlsbad, CA
    1 day ago
  •  ...Principal Program Cost Control Analyst At Northrop Grumman, our...  ...differentiated battle management and cyber solutions deliver timely,...  ...development, budget baseline, cost risk analysis/assessment and...  ...and agreed-upon parameters and government cost control guidelines, including... 
    Cyber
    Contract work

    Northrop Grumman

    Carlsbad, CA
    2 days ago
  •  ...Sr. Technical Manager Overview of the position We are seeking a highly experienced...  ..., ensuring business continuity and compliance with data retention policies. Develop,...  ...timelines, resource allocations, budgets, and risk mitigation strategies. Communicate... 
    Senior

    The Upper Deck Company

    Carlsbad, CA
    3 days ago
  •  ...March 2027, includes travel to vendor FAT/Cyber FAT (CFAT) locations, and remains on-site...  ...records. Training, Workforce Security & Compliance Documentation Track and maintain evidence...  ...site that improve repeatability and reduce risk. Management Responsibilities... 
    Cyber
    Full time
    Work experience placement
    Casual work
    Work at office
    Remote work
    Home office

    Black & Veatch

    San Marcos, CA
    3 days ago
  •  ...Sr. Principal Medical Development Director, Breast Portfolio At Exact Sciences, we're helping change how the world prevents, detects...  ...cross-functional stakeholders including commercial, product, compliance, market access, and regulatory. Identify opportunities to... 
    Senior
    Night shift

    Exact Sciences

    Carlsbad, CA
    4 days ago
  • $95k - $149.5k

     ...shape how consumers, businesses, governments and militaries around the...  ...contain & mitigate security risks, and supporting threat hunting...  ...collaborate closely with the Cyber Threat Intelligence (CTI) team...  ...), GIAC Certified Intrusion Analyst (GCIA), GIAC Penetration Tester... 
    Cyber
    Work at office
    Remote work

    ViaSat

    Carlsbad, CA
    2 days ago
  • Job Title Job Description Software Technology, Inc.
    Senior

    Software Technology, Inc.

    Carlsbad, CA
    15 hours ago
  • $139k - $180k

     ...which U.S. citizenship is needed by U.S. Government. Even Better: ~ Active Secret or...  ...intelligence, and national security in: cyber; next generation sensors, radar, sonar,...  ...clearances and satisfy the requirements for compliance with export control and other applicable... 
    Cyber
    Senior
    Full time
    Local area
    Remote work
    Night shift

    STR

    Carlsbad, CA
    7 days ago
  • $184.97k

     ...Sr Cloud DevOps Engineer Own end2end agile DevOps-based software develop life cycle. Req: BSc or equiv in Comp Sci, Soft Eng, Elec...  ...Email to: ****@*****.***, ref#SCDOE-1. Sr. Applications Support Analyst Support the Institute's Lab Grading System. Work w/engs & clients... 
    Senior
    Remote work

    Stryker

    Carlsbad, CA
    1 day ago
  • $115k - $173.58k

     ...specializing in modeling and simulation, cyber transformation, air vehicle mission integration...  ...between requirements, design elements, risks, schedules, and verification artifacts....  ...TS/SCI. An active and transferable U.S. government-issued DODTS/SCI with the ability to... 
    Cyber
    Senior
    Full time
    Contract work
    Temporary work
    Local area
    Relocation package
    Flexible hours

    KBR

    Carlsbad, CA
    9 days ago
  • $141.5k - $224k

     ...Experienced Program Manager Viasat Government - Secure Network Systems (SNS) is seeking an...  ...coordinating diverse engineering teams, mitigating risks, and fostering strong customer...  ...practices such as PMP. Familiarity with security/cyber technologies and IP networking.... 
    Cyber
    For subcontractor

    Viasat

    Carlsbad, CA
    4 days ago
  •  ...connecting the space, air, land, sea and cyber domains in the interest of national security...  ...for the reliability, performance, compliance, and continuous improvement of site infrastructure...  ...Planning Compliance, Safety, and Risk Management Vendor and Contractor Management... 
    Cyber
    For contractors
    Work at office

    L3Harris Technologies

    Carlsbad, CA
    4 days ago
  • $153k - $284k

     ...the space, air, land, sea and cyber domains in the interest of...  ...definition, analysis, integration and risk mitigation for large...  ...and executive management In compliance with pay transparency requirements...  ...employment may be subject to government security investigation(s) and... 
    Cyber
    Work experience placement
    Local area
    Flexible hours

    L3Harris

    Carlsbad, CA
    1 day ago
  • $70k - $80k

     ...Sr. Accountant Talentry is seeking a highly skilled Senior Accountant to join their team. This role involves managing various accounting...  ...tasks to ensure the company's financial health and regulatory compliance. Key Responsibilities: Financial Record Maintenance: Prepare and... 
    Senior
    Work at office
    Local area

    Talentry LLC

    Carlsbad, CA
    10 hours ago
  • $127.5k - $236.5k

     ...connecting the space, air, land, sea and cyber domains in the interest of national...  ...within the Defense Industry supporting government and/or DoD customers. Experience...  ...related tasks without assistance. In compliance with pay transparency requirements, the... 
    Cyber
    Work experience placement
    Local area
    Flexible hours

    Navstar

    Carlsbad, CA
    4 days ago
  • $104.8k - $128k

     ...The Group is currently seeking a Senior Financial Analyst that will play a key role within the Studio Finance team at Walt Disney Animation...  ...Studio financial data for the WDAS Leadership team. The Sr. Financial Analyst will work closely with the various teams across... 
    Senior

    Walt Disney Animation Studios

    Carlsbad, CA
    2 days ago
  • $127.5k - $236.5k

     ...connecting the space, air, land, sea and cyber domains in the interest of national security...  ...schedules, resource forecasts, and risk assessments. Lead all technical aspects...  ...change orders, part releases, etc.) In compliance with pay transparency requirements, the salary... 
    Cyber
    For subcontractor
    Local area
    Flexible hours

    L3Harris Technologies

    Carlsbad, CA
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Sr. Cyber Governance, Risk & Compliance Analyst. Be the first to apply!