Senior GRC Analyst

at Pax8
  • $100k-$125k
  • Remote - United States

Remote

Cybersecurity

Senior

Job description

Pax8 is the leading cloud-based technology marketplace, simplifying the cloud journey for our partners by integrating technology, business intelligence and proactive service to deliver an unparalleled experience. Serving thousands of partners through the indirect sales channel, our mission is to build the technology marketplace of the future. We are a fast-growing, dynamic and  high-energy startup organization, allowing you to make a meaningful impact on the business. Culture is important to us, and at Pax8, it’s business, and it IS personal. We are passionate, creative and humorously offbeat. We work hard, keep it fun, and expect the best.

We Elev8 each other. We Advoc8 for our partners. We Innov8 continuously. We Celebr8 life.

No matter who you are, Pax8 is a place you can call home. We know there’s no such thing as a _“perfect”_ candidate, so we don’t look for the right “ fit” – instead, we look for the add. We encourage you to apply for a role at Pax8 even if you don’t meet 100% of the bullet points. We believe in cultivating an environment with a diversity of perspectives, in hopes that we can all thrive in an inclusive environment.

We are only as great as our people. And we have great people all over the world. No matter where you live and work, you’re a part of the Pax8 team. This means embracing hybrid- and remote-work whenever possible.

Position Summary:

We are seeking a detail-oriented and proactive Senior Technology Governance, Risk, and Compliance (GRC) Analyst to join our growing organization. In this role, you will play a critical part in safeguarding our cloud-based platforms by identifying and managing technology risks, supporting compliance initiatives, and ensuring the effectiveness of security controls. You will collaborate cross-functionally with teams across engineering, security, technology services, legal, and customer success to maintain our compliance posture, support audits, and drive continuous improvement in our GRC program.

The ideal candidate has a strong understanding of cloud-native technologies, SaaS delivery models, and regulatory frameworks such as SOC 2, ISO 27001, and GDPR. This role requires a mix of analytical rigor, technical acumen, and business judgment to help scale and mature our risk and compliance functions in a dynamic, fast-paced environment.

Essential Responsibilities:

  • Conduct regular IT risk assessments to identify and mitigate technology and cybersecurity risks in a SaaS environment.
  • Perform control assessments to ensure alignment with internal policies, regulatory requirements, and industry standards (e.g., ISO 27001, NIST, SOC 2).
  • Maintain and update the GRC framework, ensuring it supports strategic business objectives and regulatory compliance for a cloud-native environment and DevSecOps practices.
  • Coordinate and support internal and external IT audits, including evidence collection, walkthroughs, and remediation tracking.
  • Facilitate and monitor the completion of risk treatment plans, working with business units to implement mitigation strategies.
  • Lead or support the incident response process, including documentation, root cause analysis, and post-incident reviews.  Includes on-call Incident Commander rotation (approximately 1 out of 6 weeks).
  • Maintain the risk register, ensuring accurate and up-to-date records of all identified risks and mitigation actions.
  • Develop and deliver GRC training and awareness programs for staff, promoting a culture of risk-conscious behavior.
  • Track and report compliance metrics, risk trends, and audit findings to key stakeholders and leadership.
  • Collaborate with IT, security, legal, and business teams to assess and manage third-party/vendor risks.
  • Ensure timely updates and maintenance of policies, standards, and procedures related to IT risk and compliance.
  • Monitor and interpret emerging regulations and industry best practices, recommending changes to the GRC program as needed.
  • Participate in the development of business continuity and disaster recovery plans, ensuring alignment with risk management objectives.
  • Utilize GRC tools and platforms to streamline risk, compliance, and audit processes.
  • Provide ongoing support for special projects and initiatives related to cybersecurity, data privacy, and regulatory compliance.

Ideal Skills, Experience, and Competencies:

  • 3-5 years in a technology GRC role.
  • Technical background with a focus on SaaS and multi-tenant cloud platforms highly preferred.
  • Proven experience in running assessments and/or audits with demonstratable track record of driving improvements.

Required Behaviors:

  • Compassionate Candor—We aim to assist others with candid, actionable feedback.
  • Seek to Understand—Be open, curious and committed to learning.
  • We Before Me—Actively collaborate and seek out diverse perspectives to ensure a win for Team Pax8.
  • Do What You Say—Take ownership and honor your commitments; prioritize and deliver.
  • Light Up Learning—Be brave and try new ideas; be vulnerable and share your failures so everyone can learn from our mistakes.
  • Driven by Passion—Connects personal passion to Pax8 mission, resilient in face of adversity and uncertainty in pursuit of mission.

Required Education & Certifications:

  • B.A./B.S. in a related field or equivalent work experience.

Compensation:

  • Qualified candidates can expect a compensation range of $100,000/yr to $125,000/yr or more depending on experience.

Expected Closing Date: 6/30/2025

#LI-Remote #LI-AG1

\*\*\* Colorado law requires an estimated closing date for job postings. Please don’t be discouraged from applying if you see this date has passed\*\*\*

At Pax8 we believe that your Total Rewards should include a benefits package that shows how much we value our greatest assets. All FTE Pax8 people enjoy the following benefits:

  • Non-Commissioned Bonus Plans or Variable Commission
  • 401(k) plan with employer match
  • Medical, Dental & Vision Insurance
  • Employee Assistance Program
  • Employer Paid Short & Long Term Disability, Life and AD&D Insurance
  • Flexible, Open Vacation
  • Paid Sick Time Off
  • Extended Leave for Life events
  • RTD Eco Pass (For local Colorado Employees)
  • Career Development Programs
  • Stock Option Eligibility
  • Employee-led Resource Groups

Please take a moment to review our Proprietary Rights and Non-Competition Agreement —this document outlines important information about your rights and responsibilities if you join our team.

Pax8 is an EEOC Employer.

Equal Opportunities

Pax8 is an equal opportunities employer and welcome individuals who are in possession of the appropriate requirements to work within the country the role is based in. Offered individuals will be asked to undertake identity, security compliance and reference checks. Your privacy is important to us. Your data will be held in accordance with Data Privacy best practices and processed only in accordance with our recruiting processes.

Job Applicant Privacy Notice

Share this job:
Please let Pax8 know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Pax8 logo

Pax8

Cloud commerce marketplace

  • Founded in 2012
  • 25 remote jobs

Latest Jobs at Pax8

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply now