GRC Analyst

What you can expect

Zoom is seeking a talented GRC Tech Analyst to join our Security GRC team. As a GRC Tech Analyst, you will strengthen Zoom's security posture by maturing our Common Controls Framework and expanding our certification landscape. You'll collaborate across security, engineering, and risk teams to automate compliance monitoring and implement controls. Your work will directly protect customers and enable Zoom to move faster with confidence.

Security GRC is a people‑first, high‑impact team that sits at the intersection of security, product, legal, and leadership. Through our standards, controls, certifications, customer assurance, and risk and vendor management programs, we enable Zoom to move faster and smarter. We help unlock revenue through risk‑based security initiatives, creative problem‑solving, and strategic partnerships. Join us to help shape GRC innovation in a global tech company while working alongside thoughtful, collaborative, and deeply talented teammates!

• Playing a central role in the maturation and documentation of Zoom's Common Controls Framework.
• Evaluating, documenting, and communicating security issues and risks related to control design and gaps.
• Co‑administering the GRC platform and its modules across multiple teams.
• Assessing the effectiveness of management, operational, and technical security controls.
• Developing and managing a security exceptions process.
• Collaborating with cross‑functional teams to gather and document security requirements.
• Identifying automation opportunities for evidence collection and control compliance verification.
• Supporting external auditors during regulatory and compliance assessments. Consulting with key stakeholders on information security policies, standards, and procedures.

• Have 1+ years of experience in cybersecurity governance, risk management, compliance, or assessments/audits.
• Demonstrate understanding of cybersecurity, GRC lifecycle, security assessment methodologies, security questionnaires, and evidence review processes.
• Show familiarity with security, cloud, and compliance frameworks (e.g., ISO 27001/27002, NIST (CSF, 800‑53, 800‑171), SOC 1/2). This also includes frameworks such as CIS Controls, PCI DSS, HITRUST, FedRAMP, CSA CCM, and ISO 27017/27018.
• Be able to analyze complex environments against cybersecurity control requirements and communicate conformance clearly to technical and non‑technical audiences.
• Show effective organizational and project management skills with attention to detail. Excellent written and verbal communication skills.
• Demonstrate knowledge of data protection regulations (e.g., GDPR, CCPA/CPRA, HIPAA/HITECH, GLBA) and familiarity with cloud‑based IaaS architectures, preferably in AWS and OCI (a bonus).
• Have experience with SaaS‑based GRC tools or platforms (e.g., Hyper Proof, Service Now, or similar platforms). Also have experience with security monitoring offered natively in platforms and applications, such as AWS, SIEM and PAM tools, and vulnerability scanning solutions. (a bonus).
• Possess professional certifications such as CISA, CISM, CISSP, ISO 27001 Auditor (a bonus).

Minimum: $73 300,00

Maximum: $

In addition to the base salary and/or OTE listed Zoom has a Total Direct Compensation philosophy that takes into consideration; base salary, bonus and equity value.

Note:

Starting pay will be based on a number of factors and commensurate with qualifications & experience.

We also have a location based compensation structure; there may be a different range for candidates in this and other locations.

02/13/26

Our structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In‑Person is indicated in the job description/posting.

As part of our award‑winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work‑life balance; and contribute to…