GRC Analyst, Security - Provo

When you join one of our teams youll be part of a nimble group thats empowered to set aggressive goals and move fast to achieve them. Strategic risks are encouraged and complex problems are solved together by passing the mic and iterating until the best solution comes to light. You wont have to look to find growth opportunitiesready or not theyll find you. From retail to government to healthcare were on a mission to bring humanity connection and empathy back to business. Join over 5000 people across the globe who think thats work worth doing.

GRC Analyst Security - Provo

Why We Have This Role

We create software that the worlds best brands use to deliver exceptional frontline experiences build high-performing teams and design products people love. Serving over 20000 clients globally we are more than a platformwe are the creators and stewards of the Experience Management category. This GRC Security Analyst role is essential to maintaining and advancing our governance risk and compliance posture amid rapid growth and evolving regulatory landscapes. You will collaborate closely with cross-functional teams including legal security product and compliance to identify assess and mitigate risks ensuring Qualtrics meets rigorous security certifications and regulatory requirements. Your work will directly impact how we protect our customers and enable trusted innovation.

How Youll Find Success

• Manage and maintain compliance with industry standards such as FedRAMP ISO 27001 SOC 2 HITRUST and emerging AI governance frameworks.
• Take initiative to understand complex compliance frameworks and work entrepreneurially to implement effective controls.
• Communicate clearly and influence stakeholders across teams to build trust and alignment.
• Apply strong analytical skills to assess risks and develop actionable remediation plans.
• Collaborate effectively with legal security product and customer teams.
• Navigate and support external audits customer audits and certification processes.
• Demonstrate ownership of governance processes and continuous improvement.

How Youll Grow

• Deepen expertise in commercial and/ federal security compliance programs which can include ISO 27001 TISAX FedRAMP High IRAP and others.
• Expand leadership and project management skills through cross-team initiatives and audit coordination.
• Gain exposure to AI security and privacy compliance aligned with NIST AI Risk Management Framework.
• Develop advanced skills in risk assessment supplier risk management and security assurance.

Things Youll Do

• Lead assist and coordinate internal and external security audits and assessments to achieve and maintain certifications.
• Analyze and interpret regulatory requirements across multiple frameworks and translate them into actionable compliance programs.
• Partner with product and engineering teams to ensure security controls meet customer and regulatory expectations.
• Monitor and report on remediation progress and compliance metrics.
• Support customer security reviews questionnaires and risk assessments.
• Drive continuous improvement through automation in GRC processes tools and documentation.

What Were Looking For On Your Resume

• Bachelors degree in IT Information Systems or related discipline.
• 1-3 years of experience in governance risk and compliance roles within information security.
• Experience with IT security assessments control testing and compliance programs such as FedRAMP Moderate/High PCI and SOC 2.
• Familiarity with other assessments such as ISO 27001 HITRUST SSAE18 Protected B SOX or TISAX is a plus.
• Proven ability to work cross-functionally and influence without direct authority.
• Strong written and verbal communication skills.
• Project management experience managing partner expectations and audit schedules.
• Relevant security certifications are a plus such as SSCP Security CISSP CISM CIPP or CISA.
• Experience with AI models is a plus.

What You Should Know About This Team

• The GRC team is a collaborative high-performing group dedicated to protecting Qualtrics and its customers through proactive risk management and compliance.
• We work closely with legal security product and customer success teams as well as external auditors and partners.
• The team embraces strategic risk-taking and continuous learning.
• You will be positioned as a key enabler of business success through security assurance and compliance excellence.

Our Teams Favorite Perks and Benefits

• Access to ongoing professional development certifications and security training.
• Hybrid work model with purposeful in-office collaboration days.
• Inclusive culture committed to diversity equity and belonging.
• Competitive health wellness and financial benefits.
• Frequent team events creative office spaces and a strong emphasis on work/life integration.