Position Overview:
We are seeking a motivated and detail-oriented GRC Analyst to join our Information Security team. This role will support the organization's governance, risk, and compliance initiatives, focusing on regulatory and framework alignment, third-party risk management, risk lifecycle processes, and policy governance.
The ideal candidate will have foundational knowledge of information security principles, strong analytical skills, and a willingness to learn and grow within the GRC space, especially in platforms such as ServiceNow GRC.
Key Responsibilities
• Compliance & Framework Support
  • Assist in the implementation, maintenance, and monitoring of compliance frameworks (e.g., NIST, ISO 27001, SOX, SOC 2, CIS)
  • Support internal and external audit activities, including evidence collection and control validation
  • Track and report on compliance status, gaps, and remediation efforts
• Third-Party Risk Management (TPRM)
  • Conduct vendor risk assessments and due diligence reviews
  • Analyze third-party security posture and identify potential risks
  • Maintain vendor inventory and track risk treatment activities
  • Collaborate with business owners to ensure appropriate risk mitigation
• Risk Management
  • Support the execution of the Information Security risk management lifecycle
  • Assist with risk identification, assessment, documentation, and tracking
  • Help maintain risk registers and ensure risks are properly escalated and monitored
  • Partner with stakeholders to support risk remediation planning
• Policy Governance
  • Assist in drafting, reviewing, and maintaining information security policies, standards, and procedures
  • Facilitate policy review cycles, approvals, and documentation updates
  • Ensure alignment with regulatory requirements and industry best practices
• GRC Tooling & Process Support
  • Support and learn the administration and use of ServiceNow GRC
  • Assist in configuring workflows, tracking activities, and improving GRC processes
  • Help identify opportunities for automation and process optimization
Qualifications:
Required
• Bachelor's degree in Information Security, Cybersecurity, IT, or related field (or equivalent experience)
• 1-3 years of experience in information security, risk, compliance, or audit (internships acceptable)
• Basic understanding of security frameworks and regulatory requirements
• Strong analytical, organizational, and documentation skills
• Excellent written and verbal communication skills
Preferred
• Exposure to frameworks such as NIST, ISO 27001, SOC 2, or CIS
• Security or compliance certifications (e.g., CISM, CRISC, CISSP, CGEIT, or CISA)
• Experience with third-party risk management processes
• Familiarity with risk management concepts and methodologies
• Exposure to GRC tools (ServiceNow GRC preferred, but not required)
Key Competencies
• Detail-oriented with strong follow-through
• Ability to manage multiple priorities and deadlines
• Collaborative mindset with cross-functional teams
• Curiosity and willingness to learn new tools and frameworks
• Strong problem-solving and critical-thinking skills
Why Join Us
• Opportunity to grow within a maturing GRC program
• Exposure to a wide range of security, compliance, and risk disciplines
• Hands-on experience with industry-standard tools like ServiceNow GRC
• Collaborative and supportive team environment
RSU Eligible
This position is eligible to receive restricted stock unit (RSU) awards and cash bonuses, solely at MACOM's discretion, subject to individual and company performance.
Salary Range
The salary range for this position is $78,000 - $125,000. The actual salary offered to a candidate will depend on several factors, including but not limited to work location and the candidate's relevant experience, education, and specific knowledge, skills, and abilities.
Benefits: This position offers a comprehensive benefits package including but not limited to:
- Health, dental, and vision insurance.
- Employer-sponsored 401(k) plan.
- Paid time off.
- Professional development opportunities.