Security GRC Analyst
Job Summary
Job Description
The Security GRC Analyst will be a key member of Exabeam’s Governance, Risk, and Compliance (GRC) team. This role focuses on leading and supporting critical components of the company’s cybersecurity compliance programs, third-party risk management processes, and governance initiatives. Key responsibilities include leading the compliance program, developing and maintaining cybersecurity policies, serving as a liaison to external auditors, collaborating with Legal during contract negotiations, managing GRC-related inquiries, managing the internal security risk register, performing risk assessments, conducting third-party risk assessments, completing customer security questionnaires, and contributing to cross-functional GRC initiatives. This role requires a strong understanding of security compliance frameworks and the ability to collaborate across different teams.
Must have:
- 3+ years experience in Information Security or GRC.
- Understanding of security compliance frameworks.
- Experience with compliance programs and audits.
- Excellent problem-solving and analytical skills.
- Ability to collaborate with various teams.
Good to have:
- Experience with cloud platforms (AWS, Azure, GCP).
- Familiarity with risk management tools and GRC platforms.
- Background supporting contract reviews.
- Working knowledge of regulatory obligations.
- Experience with policy development and training.
Perks:
- Extensive medical, dental and vision coverage.
- Generous 401(k) employer match.
- Paid Time off including flex time.
- Widespread learning center for career planning.
- A culture of passionate, diverse, committed professionals.
10 skills required
Job Details
Description
About Exabeam
Exabeam is a global leader in intelligence-driven and automated cybersecurity solutions that power modern security operations. As a pioneer in threat detection, investigation, and response (TDIR), Exabeam helps organizations proactively manage and mitigate cyber risk. Learn more at www.exabeam.com.
Position Overview
The Security GRC Analyst is a key member of Exabeam’s Governance, Risk, and Compliance (GRC) team. This role is responsible for leading and supporting critical components of the company’s cybersecurity compliance programs, third-party risk management processes, and governance initiatives. The ideal candidate will have deep familiarity with regulatory and industry frameworks such as CMMC, NIST, and ISO 27001, and be comfortable working cross-functionally with Legal, Product, and Security stakeholders.
Key Responsibilities
- Lead the strategy, execution, and continuous improvement of the company’s compliance program, including gap assessments, remediation plans, and policy documentation
- Develop, update, and maintain cybersecurity policies, standards, and procedures in alignment with NIST, CMMC, and ISO 27001 frameworks
- Serve as a liaison to external consultants, auditors, and government partners on matters related to CMMC, ISO 27001, and other compliance efforts
- Collaborate with Legal during the contract negotiation process, including providing risk-based feedback and proposed alternatives for security/privacy-related terms
- Manage and respond to incoming GRC-related inquiries and support customer RFPs and assurance documentation
- Manage the internal security risk register and perform formal risk assessments using industry-standard methodologies
- Conduct and oversee third-party/vendor risk assessments; collaborate with procurement and business owners to assess and mitigate vendor-related risks
- Complete customer security questionnaires, showcasing Exabeam’s security posture and compliance with global data protection regulations (e.g., GDPR, CCPA, HIPAA)
- Contribute to cross-functional GRC initiatives including security awareness training, internal control evaluations, audit readiness, and program maturity assessments
- Support internal audits and external assessments, including SOC 2, ISO 27001 surveillance and certification audits
Qualifications
- 3+ years of experience in Information Security, GRC, Risk Management, or Compliance
- Strong understanding of security compliance frameworks (e.g., NIST 800-171/53, CMMC, ISO 27001, SOC 2, FedRAMP)
- Demonstrated experience leading or supporting compliance programs and internal/external audits
- Excellent problem-solving, analytical, and critical thinking skills
- Ability to collaborate across Legal, Security, Product, and Engineering teams in a fast-paced environment
- Strong communication and documentation skills, with the ability to deliver clear and concise reporting to both technical and executive audiences
- Self-motivated, well-organized, and capable of managing multiple workstreams with minimal oversight
Preferred Skills
- Experience with cloud platforms (AWS, Azure, GCP) and associated compliance implications
- Familiarity with risk management tools and GRC platforms
- Background supporting contract reviews and negotiations for security/privacy clauses
- Working knowledge of regulatory obligations such as GDPR, CCPA, and HIPAA
- Experience with policy development, training programs, and control implementation initiatives
Exabeam Total Rewards offers you:
(Subject to applicate eligibility requirements)
(Subject to applicate eligibility requirements)
- Extensive medical, dental and vision coverage to meet your healthcare needs and employer Health Savings Account contribution to help pay for health expenses now or in the future
- Generous 401(k) employer match to help you save for your future
- Paid Time off including “take what you need” flex time, volunteer day of service, your birthday, parental leave, holidays and more
- Widespread learning center for career planning and skill development to grow your career
- A culture of passionate, diverse, committed professionals
The annual starting salary for this position is between $130,000 - $145,000 annually depending on experience and other qualifications of the successful candidate.
Bring your Whole Self to Work!
Diversity, equity, and inclusion are at the core of who we are. At Exabeam, we know that diverse perspectives spark innovation, improve creativity, and position our team for success. Creating a culture where all are welcomed, valued, and empowered to achieve their full potential is important to who we are today and in the future. We hire the best of the best and do not discriminate based on race, gender, age, religion, sexual orientation, identity, or other personal factors.
Diversity, equity, and inclusion are at the core of who we are. At Exabeam, we know that diverse perspectives spark innovation, improve creativity, and position our team for success. Creating a culture where all are welcomed, valued, and empowered to achieve their full potential is important to who we are today and in the future. We hire the best of the best and do not discriminate based on race, gender, age, religion, sexual orientation, identity, or other personal factors.
Exabeam is proud to be an equal opportunity employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, genetic information, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or Veteran status.
Exabeam and LogRhythm have merged. You can learn more about our cybersecurity powerhouse here.
Similar Jobs
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
Similar Skill Jobs
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
Jobs in United States
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
Similar Category Jobs
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
About The Company
LogRhythm designs, develops, and delivers AWE-SIEM solutions that help our customers proactively defend and respond to cyberthreats and positively impact their organizations. They have a reputation for their dynamic culture, commitment to thorough innovation, and thoughtful career development.
Get notified when new jobs are added by Logrhytm
