Governance, Risk, and Compliance (GRC) Analyst presso StarRez

The Role

We are seeking a Governance, Risk, and Compliance (GRC) Analyst who will play a critical role in strengthening StarRez’s security and compliance posture while fostering trust across our global community of customers. In this role, you’ll work both independently and collaboratively across teams to identify, track and close out security, privacy and compliance issues ranging from ongoing program activities to technical remediation tasks that arise in day-to-day operations.

As a GRC Analyst, you’ll contribute directly to StarRez’s commitment to transparency, data protection and customer confidence by maintaining security documentation, supporting audits and ensuring our governance, risk and compliance programs reflect industry best practices. As part of the Security team, you’ll help shape a culture where security enables innovation rather than restricts it.

Role Specifics

• Work Location: Remote (US)
• Travel: Less than 5% (The percentage of travel is an estimation, and it could vary based on business needs.)   
• Reporting Structure: This role reports to the Security Operations Manager.

Application Deadline: This role will accept applications until December 1st, 2025 at 5PM CT, unless otherwise posted.

What You Will Own

• Act as a visible champion for strong security and privacy practices across StarRez
• Perform and coordinate risk assessments, vendor security reviews and business impact assessments
• Support internal and external compliance audits, including SOC 2 Type II, PCI DSS, Cyber Essentials Plus, GovRAMP and other frameworks
• Coordinate and execute risk mitigation projects, either directly or by engaging the appropriate technical and business stakeholders
• Maintain and improve documentation and evidence required for customer assurance, audit readiness and due diligence processes
• Support the Security Operations Manager and Go-To-Market teams with internal audits, contract reviews and security term assessments
• Produce and deliver customer-facing documentation, resources and presentations that highlight the StarRez security program, and respond to customer security and compliance questions

Required Qualifications

• 2+ years of experience in information security, risk management, IT compliance or data privacy
• Working knowledge of security frameworks and requirements, particularly SOC 2, PCI DSS v4, Cyber Essentials Plus and NIST 800-53 or GovRAMP
• Strong understanding of governance, risk and compliance concepts and how they apply within SaaS or cloud-based environments
• Experience collaborating cross-functionally with product, engineering and business teams to manage risk and meet compliance objectives
• Excellent written and verbal communication skills with the ability to translate complex technical or regulatory requirements into practical business terms

Preferred Qualifications

• Hands-on experience with GRC and relevant platforms such as Vanta, Tenable, and Crowdstrike
• Technical proficiency to assist with system integrations, reporting automation or data collection within compliance tooling
• Familiarity with cloud security principles and shared responsibility models, particularly Microsoft Azure
• Experience supporting customer security questionnaires, compliance assessments or third-party risk management reviews
• Professional certifications such as CISA, CISM, or CISSP

Reasons to join our Team:

• Opportunity to be a part of a well-established, high-performance company that has been in business for over 30+ years
• Full benefits including health care, paid time off, life insurance, and 401k plan with company match for eligible team members.
• A supportive team environment with emphasis on learning and development opportunities
• Our Promise: You will learn, grow, and be appreciated for your impact and contributions.
• Z-Factor: Our most celebrated value, you will work with a team of caring, high-performing, and passionate people who have fun supporting our vision, innovation, and continuous improvement.

Even if you don't have all of the Preferred Qualifications listed above, but feel you have what it takes to succeed in the role, we would love to hear from you!  

We are proud of our diverse workforce and are dedicated to creating a safe and welcoming environment for all employees. People from various ethnicities, ages, genders, and abilities are encouraged to apply.

Notice to external Recruiters and Recruitment Agencies:

StarRez will not accept unsolicited resumes from recruitment agencies, headhunters, or any other third parties for this role through this website or directly to any employee. StarRez and any of our subsidiaries will not pay fees to any third-party agency or company. In addition, we ask that you do not reach out to any employee with regards to this position, or any other positions, now, or in the future.