Job Summary
As part of Client Compliance & Assurance team, you'll help build and maintain trust by partnering across the business to provide practical, risk-based compliance and assurance that enables the company to scale with confidence.
As a GRC Analyst, you’ll own the operational and administrative side of assurance, partnering across the business to evaluate operational controls and processes, run internal assessments, manage third-party risk, and drive remediation to completion.
This role is ideal for someone who enjoys understanding how organizations operate, asking thoughtful questions, improving processes, and building strong cross-functional relationships.
Your Focus Areas
- Operational Control Assurance
- Internal Assessments
- Third-Party and Vendor Risk Management
- Policy lifecycle & Process Assurance
- Corrective Actions & Continuous Improvement
- Customer & Audit Assurance
Key Responsibilities
- Evaluate the design and operating effectiveness of operational and administrative controls and business processes.
- Review and validate evidence to confirm controls are implemented, operating effectively, and appropriately documented.
- Plan and run the internal assessment program across business functions.
- Own the third-party risk management lifecycle: vendor reviews, risk tiering, and ongoing monitoring.
- Own corrective action (CAPA) and remediation tracking, following each item through to completion.
- Drive policy lifecycle management: reviews, version control, and stakeholder coordination.
- Partner with business teams to identify process-improvement opportunities and strengthen operational maturity.
- Support the operational aspects of customer due diligence, internal assessments, and external audits.
What You'll Bring
Experience
5+ years of experience in Governance, Risk, and Compliance (GRC), internal audit, operational assurance, third-party risk management, or a related discipline.
Experience conducting internal assessments and evaluating operational controls.
Experience validating supporting evidence and assessing control effectiveness.
Experience managing third-party risk assessments and remediation activities.
Experience partnering with cross-functional stakeholders to improve processes and strengthen compliance.
Working knowledge in several of the following areas:
- Governance, risk, and compliance principles
- Internal controls and control testing
- Operational risk management
- Third-party risk management
- Policy and procedure management
- Business process evaluation
- Evidence validation and documentation
- Corrective action management (CAPA)
- Metrics, reporting, and process improvement
- Compliance automation and workflow optimization
You're someone who:
- Builds trusted relationships through collaboration and influence.
- Thinks critically and asks thoughtful questions.
- Exercises sound judgment when evaluating controls, validating evidence, and balancing compliance requirements with business needs.
- Is organized, detail-oriented, and follows through on commitments.
- Enjoys improving processes and finding practical solutions.
- Thrives in a fast-paced, collaborative startup environment.
What Success Looks Like
- Operational controls are consistently evaluated and continuously improved.
- Internal assessments provide meaningful insights that strengthen the organization.
- Third-party risk is managed consistently and effectively.
- Corrective actions are tracked and closed on time.
- Customer and audit activities are supported through high-quality evidence and strong operational assurance.