GRC Analyst

Point Wild helps customers monitor, manage, and protect against the risks associated with their identities and personal information in a digital world. Backed by WndrCo, Warburg Pincus and General Catalyst, Point Wild is dedicated to creating the world’s most comprehensive portfolio of industry-leading cybersecurity solutions. Our vision is to become THE go-to resource for every cyber protection need individuals may face - today and in the future. 

Join us for the ride!

About the Role:

The GRC Analyst supports the organization’s cybersecurity, risk management, and regulatory compliance programs, playing a key role in strengthening security posture and maintaining continuous audit readiness. This role is responsible for assisting with enterprise risk assessments, control testing, evidence collection, and the development and maintenance of compliance documentation aligned to frameworks such as SOC 2, NIST, and other applicable regulatory or contractual requirements. The GRC Analyst partners closely with IT, Security, Legal, and business teams to coordinate audit activities, track remediation efforts, and ensure security and compliance requirements are implemented in a practical, scalable manner across the organization.

The ideal candidate is detail-oriented, highly organized, and process-driven, with the ability to analyze complex technical and regulatory requirements and translate them into clear, actionable guidance for both technical and non-technical stakeholders. This role offers hands-on exposure to enterprise security governance, audit programs, and cross-functional collaboration, making it an excellent opportunity for someone looking to grow within the cybersecurity and risk management field.

Day to Day: 

Compliance & Risk Management

• Conduct regular security audits and risk assessments to identify vulnerabilities and areas for improvement.
• Monitor and assess compliance with internal security policies and external regulatory requirements.
• Recommend and track appropriate security controls and mitigation strategies.
• Maintain detailed records of compliance activities, including assessments, corrective actions, and audit results.
• Prepare compliance documentation and reports for internal leadership and external auditors.

Program & Policy Development

• Maintain and support the Simpluris cybersecurity compliance program.
• Regularly update policies, procedures, standards, and documentation to align with evolving regulatory and contractual requirements.
• Develop and maintain templates, tools, and resources to support compliance and audit readiness.
• Utilize compliance and GRC tools (i.e., Drata, Vanta, or similar platforms) to track controls, evidence, risks, and remediation efforts.
• Support third-party risk assessments, vendor questionnaires, and ongoing vendor compliance monitoring.

Collaboration & Communication

• Serve as the primary point of contact between Corporate, Technology, and Operational teams.
• Collaborate with IT, legal, and business units to address compliance challenges.
• Communicate complex technical and regulatory requirements in a clear, accessible manner to diverse audiences.
• Develop and deliver training and awareness sessions

Audit, Monitoring & Incident Support

• Conduct or support internal security audits and compliance reviews.
• Stay current with industry standards, federal regulations, and cybersecurity best practices.
• Support incident response activities, investigations, and post-incident documentation as needed.
• Collect, validate, and maintain audit evidence to support regulatory and customer audits.
• Assist with control testing, gap analysis, and remediation tracking.

What you bring to the table: 

• Bachelor’s degree in information technology, Cybersecurity, Computer Science, Information Security, or a related field.
• 1–3 years of experience in IT security, compliance, risk management, or a related role.
• Experience with compliance and GRC tools (Drata or Vanta).
• Familiarity with cybersecurity and frameworks, including:
• NIST 800-53 R5 (CMMC is a plus)
• Type 2 SOC 2
• HIPAA, PCI-DSS, or GDPR.
• Strong understanding of information security principles and best practices.

Bonus Points: 

• 5+ years of experience in security compliance, risk management, or a related field.
• Bachelor’s degree in information technology, Cybersecurity, Computer Science, Information Security, or a related field.
• Experience working in legal, financial, or other highly regulated environments.
• Experience conducting formal risk assessments and managing compliance programs.
• Experience maintaining and developing security policies, standards, and procedures.
• Professional certifications such as CISSP, CISM, CISA, CompTIA Security+, or CMMC-related certifications.

Point Wild is committed to offering a generous package to support our employees in all aspects of their life in and out of work. Our packages offer competitive pay, generous health and wellness benefits, retirement savings plans, parental leave and much more! Pay range for this position is $80,000 - $95,000 but may vary depending on job-related knowledge, skills, experience and location.

#LI-REMOTE

As part of Point Wild, you will:

Solve real customer problems. Point Wild’s point solutions allow consumers to address their immediate cyber protection needs. Our mandate is to continuously anticipate our customers’ evolving digital security needs to create best-in-class solutions aimed at keeping them safe.

See your impact. We are a scrappy, nimble organization where individual contributions are needed and valued. You will see your impact every day.

Accelerate your career.  As we expand, you will have the opportunity to learn new technologies, products, and markets in a fast-paced, growth-oriented environment.

Most importantly, you’ll get to work with other talented people at a company where people matter. If you want to put your fingerprint on an organization and leapfrog your growth, this is the place for you.

In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on race, color, ancestry, national origin, religion, age, gender, marital domestic partner status, sexual orientation, gender identity, disability status, or veteran status. Above and beyond discrimination or harassment based on “protected categories,” Point Wild is committed to being an inclusive community where all feel welcome. Whether blatant or hidden, barriers to success have no place at Point Wild.

Important privacy information for United States based job applicants can be found here.