The Storyboard

Welcome to the Storyboard, a place to explore career adventures at start-ups and companies founded by Claremont alumni and the Claremont community. Choose your next adventure at a company where you’ll have an edge from day one, and leverage our Claremont network to build your career.

Also, make sure to check out our newsletter, StoryHouse Review, to find out more about these companies in the Claremont ecosystem.

GRC Analyst

TrackVia

IT
Remote
Posted on Feb 12, 2026
Job Type
Full-time
Description

About TrackVia

TrackVia is a low-code platform-as-a-service (PaaS) that enables organizations to rapidly build secure, mission-critical applications and workflows without heavy development overhead. Serving both government and commercial customers, TrackVia operates in highly regulated environments where strong governance, risk management, and compliance are essential to customer trust and platform reliability.

Our Governance, Risk, and Compliance (GRC) function plays a critical role in enabling the TrackVia platform—embedding security and compliance into how we build, operate, and deliver our services, including maintaining FedRAMP Moderate authorization and supporting customers’ compliance needs. We’re a collaborative, fast-moving team that values ownership, clarity, and measurable impact.

Role Overview

We’re seeking a talented GRC Analyst who is excited to build, support, and scale TrackVia’s compliance programs across FedRAMP Moderate, SOC 2 Type II, and HIPAA.

This role is highly integrated into multiple aspects of the team, partnering closely with the IT & Compliance Lead and the entire Product & Engineering team to ensure TrackVia continuously meets its compliance obligations through the operational and security controls you monitor.

The individual in this role is thrilled by structured, systematic compliance work, appreciates and understands audit processes and expectations, and can independently deliver and execute on defined cadences.

What You’ll Do

Governance, Risk, & Compliance (GRC)

Support the execution and ongoing operation of TrackVia’s Governance, Risk, and Compliance program, with an emphasis on recurring control activities, continuous monitoring, and audit readiness across multiple regulatory and assurance frameworks.

FedRAMP Moderate

  • Support ongoing FedRAMP Moderate authorization and continuous compliance for the TrackVia Government platform.
  • Maintain SSPs, policies, procedures, and control narratives, ensuring alignment with implemented controls.
  • Execute continuous monitoring activities, including access reviews, vulnerability scanning, and required attestations.
  • Manage and update the POA&M, tracking risks and remediation status.
  • Coordinate annual and periodic assessments and testing, including control reviews, IR, CP, and BCDR exercises.
  • Respond to 3PAO and government review requests, providing evidence and clarifications.

SOC 2 Type II

  • Own day-to-day execution of SOC 2 controls related to Security, Availability, and Confidentiality
  • Perform quarterly and annual control self-assessments to ensure controls are operating as designed
  • Collect and organize audit evidence throughout the audit period
  • Support annual SOC 2 examinations, including auditor requests and walkthroughs
  • Track and remediate any control observations or management action items

HIPAA Compliance

  • Support ongoing HIPAA Security Rule and Breach Notification Rule compliance
  • Perform and document periodic risk management and control reviews aligned with HIPAA requirements
  • Coordinate annual HIPAA policy and procedure reviews
  • Assist with incident response and breach notification readiness, including tabletop exercises
  • Track remediation activities identified in HIPAA gap assessments

Customer & Third-Party Compliance

  • Support customer security questionnaires and compliance attestations (e.g., ISO 27001-aligned requests, NIST CSF mappings)
  • Assist with third-party risk management activities, including annual vendor reviews and evidence collection

Compliance Automation & Enablement

  • Maintain and improve compliance evidence repositories and control tracking workflows
  • Support the operation of compliance tooling used to manage audits, evidence, and control testing
  • Identify opportunities to streamline recurring compliance activities through automation and process improvements
  • Partner with IT & Compliance Lead on employee IT requests as needed

Required Qualifications

  • 4–7 years of hands-on experience in GRC, security compliance, or IT audit roles
  • Direct experience supporting SOC 2 Type II and HIPAA compliance programs
  • Practical experience executing controls with defined cadences (monthly, quarterly, annual)
  • Familiarity with NIST 800-53 and risk-based control frameworks
  • Experience collecting, organizing, and defending audit evidence
  • Strong documentation, organization, and time-management skills

Bonus Points

  • Experience supporting or maintaining a FedRAMP Moderate authorization
  • Exposure to or working knowledge of ISO 27001, HITRUST, GDPR, or similar frameworks
  • Experience working in a SaaS or PaaS environment
  • Familiarity with compliance automation tools (e.g., Vanta, Drata, GitLab, Confluence)

Career Growth

This role is expected to evolve into a senior individual contributor position as TrackVia’s compliance footprint grows. The GRC Analyst will help establish scalable processes, documentation, and repeatable compliance workflows to support the future expansion of the IT & Compliance team.

Salary Description
$90,000 - $115,000