PayScale

GRC Analyst II

PayScale$70K — $95K *
US-AnywhereRemote in United States
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in cybersecurity, information systems, or a related field
  • 2-4 years of work experience in GRC or information security in SaaS/software
  • Understanding of SOC 2, ISO 27001, NIST 800-53, or CIS frameworks
  • Experience with data classification frameworks and governance
  • Vendor security assessments and third-party risk management experience
  • Hands-on support for audit activities, particularly SOC 2
  • Familiarity with GRC tools (e.g., Drata, ServiceNow)
  • Strong communication skills with both technical and non-technical stakeholders

Responsibilities

  • Maintain data classification program and coordinate with data owners
  • Manage system classification and ownership inventory
  • Support audit activities for SOC 2 and compliance
  • Conduct vendor security assessments
  • Oversee policy management lifecycle and maintain version control
  • Identify control gaps and partner with business units for solutions

Benefits

  • Flexible remote-first work model allowing for diverse working environments
  • Inclusive culture promoting continuous learning and growth
  • Flexible paid time off with 14 company holidays
  • Comprehensive benefits plan covered up to 100%
  • 401(k) with immediate company match
  • 16 weeks of paid parental leave
  • Annual remote work stipend for wellness or home office equipment
Full Job Description
Job Summary

Payscale is looking for a GRC Analyst II to join our Information Security Team, reporting to the Manager of GRC. In this role, you will take on broader ownership of core GRC program areas while supporting senior-level initiatives across risk, audit, and compliance. The ideal candidate brings hands-on GRC experience, strong communication skills, and the ability to operate independently across technical and business stakeholders to drive compliance and risk outcomes.

What You'll Do
  • Maintain Payscale's data classification program, including classification schema, tagging standards, and coordination with data owners to ensure accurate and consistent classification across systems and assets
  • Maintain the system classification and ownership inventory, partnering with teams to ensure systems are properly classified, attributed, and reviewed on a defined cadence
  • Support audit coordination activities for SOC 2 and other compliance frameworks.
  • Conduct vendor security assessments reviews.
  • Manage the policy management lifecycle, including drafting new policies and standards, tracking review cycles, coordinating approvals, and maintaining version control.
  • Identify control gaps or process improvement opportunities and partner with business units to implement and sustain effective controls.


What We're Looking For
  • Bachelor's degree in cybersecurity, information systems, or a related field
  • 2-4 years of work experience in GRC, information security, or a related field within a commercial SaaS or software company
  • Working knowledge of information security control frameworks such as SOC 2, ISO 27001, NIST 800-53, or CIS
  • Demonstrated experience with data classification frameworks and data governance concepts
  • Experience conducting vendor security assessments and managing third-party risk workflows
  • Hands-on experience with audit support activities, including evidence collection for SOC 2 or similar frameworks
  • Solid understanding of information security policies, standards, and procedures
  • Hands-on experience with GRC tools or platforms (e.g., Drata, ServiceNow GRC, or similar)
  • Strong written and verbal communication skills with the ability to engage both technical and non-technical stakeholders
  • Ability to manage multiple workstreams independently, prioritize effectively, and meet deadlines.


Location

Payscale has an employee centric remote-first model that provides you the flexibility to do your best work in a space that supports you, while also finding time to collaborate in person for the moments that matter.

In our remote-first model, employees can work from the location that works best for them. We do not have centralized corporate offices. Employees can choose to work from home, in company-paid co-working spaces, or any combination of the two that best suits their unique needs.

If you work from home, we recommend ensuring that you can meet the following technology, equipment and workspace requirements:
  • High-Speed Internet - A stable broadband or fiber connection (satellite is highly discouraged) with a minimum speed of 100 Mbps in a dedicated workspace that has a reliable Wi-Fi signal.
  • Device for Multifactor Authentication (MFA/2FA) - smartphone, tablet, etc.

When it matters (usually no more than a few times a year) we take the time to gather for in-person events.

Payscale has employees across the US, Canada, UK, The Philippines and Romania however we are currently unable to hire in the Quebec Province, Northern Ireland, and Hawaii.

Benefits and Perks

All around awesome culture where together we strive to live our 5 values:
  • Data informed decision making.
  • Customer first. Always.
  • Succeed together.
  • Relentless about results. Obsessed with excellence.
  • Lead the change. Shape the standard.

An open and inclusive environment where you'll learn and grow through programs and resources like:
  • Monthly company All Hands meetings
  • Regular opportunities for executive leadership exposure through things like AMAs
  • Access to continued learning & development opportunities
  • Our commitment to a continuous feedback culture which allows us to drive performance and career growth
  • A growing network of Employee Resource Groups
  • Company sponsored volunteer hours
  • And more!

Our more standard benefits
  • Flexible paid time off, giving you the opportunity to rest, relax and recharge away from work
  • 14 Paid Company Holidays, includes 2 floating holidays (you choose!)
  • A comprehensive benefits plan including medical, dental, life, vision, disability, and life insurance covered up to 100% by Payscale
  • Unlimited infertility coverage benefits through our medical plans
  • Additional supplemental health benefits offered to you and your family
  • 401(k) retirement program with a fully vested immediate company match
  • 16 weeks of paid parental leave for birthing and non-birthing parents
  • Health Savings Account (HSA) options and company contributions each pay period
  • Flexible Spending Account (FSA) options for pre-tax employee allocations
  • Annual remote work stipend to be used on wellness or home office equipment

About PayScale

PayScale is a compensation data and software company. It provides compensation data, software, and services to employers and employees. The company's products are used by employers to establish and maintain competitive and appropriate compensation programs for their employees. PayScale's products are also used by employees to determine their market value and negotiate salaries. The company was founded in 2002 and is headquartered in Seattle, Washington.
Learn more about PayScale
Size
500 employees
Industry
Founded
2002

Similar Jobs

More Jobs at PayScale

More Information Technology Jobs

Find similar GRC Analyst II jobs: