Senior GRC Risk Analyst jobs in United States

Intuit · 20 hours ago

Senior GRC Risk Analyst

Intuit is looking for an exceptional, results-driven professional to join their Governance, Risk, and Compliance (GRC) team. The Senior GRC Risk Analyst will be responsible for performing comprehensive security and compliance reviews of vendors and partners, managing the Enterprise Security Risk Register, and supporting security policies and standards.

Accounting, Financial Services, FinTech, PaaS, Software
Growth Opportunities
H1B Sponsor Likely

Responsibilities

Third-Party Security Risk Management: Lead and execute end-to-end security assessments (initial and ongoing) of third-party vendors, suppliers, and partners, focusing on inherent risk, control maturity, and compliance with industry standards and contractual obligations
Risk Register & Issue Management: Own the management and maintenance of the Enterprise Security Risk Register, ensuring accurate categorization, impact analysis, and consistent scoring of identified risks
Remediation Tracking: Oversee the security issue tracking process, working closely with control owners across Engineering, Product, and IT teams to define appropriate remediation plans, monitor progress, and escalate overdue items to GRC leadership
Policy & Control Implementation: Actively support the ongoing lifecycle of our Information Security Policies and Standards by reviewing, updating, and aligning them to current and emerging regulatory and security framework requirements (e.g., NIST 800-53, PCI DSS)
Security Control Assessments: Participate in internal security control self-assessments and evidence collection efforts, helping to ensure continuous compliance and audit readiness
Executive Reporting: Develop clear, concise, and actionable risk reporting and metrics (KRIs) for GRC leadership and executive stakeholders, translating technical security issues into business risk context
Cross-Functional Collaboration: Establish strong, trusted partnerships with internal stakeholders (e.g., Legal, Procurement, Engineering, Product) to embed security and risk management practices early in the business lifecycle
Process Improvement: Identify and advocate for opportunities to leverage automation and tooling to streamline risk and vendor assessment processes, enhancing efficiency and accuracy

Qualification

GRC experience, ISO 27001, PCI DSS compliance, NIST CSF, Risk management methodologies, Third-party risk assessment, Cloud environments, Technical auditing, Security certifications, Communication skills, Project management

Required

4+ years of hands-on experience in Information Security, focusing on GRC, security risk management, third-party risk, or technical security auditing within a regulated industry, preferably fintech
Strong functional knowledge of widely adopted security frameworks, including NIST CSF, NIST 800-53, ISO 27001, and proven experience with PCI DSS compliance requirements
Demonstrated ability to perform detailed security reviews of third-party documentation (e.g., SOC reports, penetration tests, security questionnaires) to identify security gaps and associated risks
Experienced in applying risk management methodologies, covering the full lifecycle of activities: identification, quantitative/qualitative assessment, mitigation planning, monitoring, and reporting
Foundational understanding of common enterprise technology concepts, including cloud environments (AWS, Azure, GCP), network security, application security, and data protection
Exceptional written and verbal communication skills, with the ability to articulate complex risk issues clearly to both technical and non-technical audiences
Proven ability to manage multiple projects and deadlines simultaneously in a fast-paced environment
BS/BA College Education in a related field (e.g., Computer Science, MIS, Cybersecurity)

Preferred

Security-related certifications, such as CRISC, CISM, CISSP, CISA, are highly desirable

Benefits

Cash bonus
Equity rewards
Benefits

Company

Intuit provides financial software solutions to empower individuals and businesses.

H1B Sponsorship

Intuit has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (693)
2024 (550)
2023 (586)
2022 (842)
2021 (773)
2020 (514)

Funding

Current Stage
Public Company
Total Funding
$8.52B
Key Investors
JP Morgan Chase
2025-01-31 · Post-IPO Debt · $4.5B
2023-09-12 · Post-IPO Debt · $4B
2011-01-19 · Post-IPO Equity · $6.7M

Leadership Team

Sasan Goodarzi
Chief Executive Officer
Alex Balazs
Chief Technology Officer
Company data provided by crunchbase