GRC Analyst
Introduction
Radicle Health is a collection of human services software products designed to foster collaboration and innovation, helping organizations better serve their communities. We believe technology plays a crucial role in the success of the human services sector, but no single system can meet the diverse needs of every agency. That’s why we’ve built Radicle Health as a home for mission-driven products that support organizations in delivering essential services. Under one roof, our teams learn from each other, test ideas faster, and think holistically about the individuals and communities we serve.
Role Overview
The GRC Analyst supports the organization’s governance, risk, and compliance programs by identifying and assessing risk, ensuring adherence to regulatory frameworks, and maintaining internal policies and controls. This role plays a critical part in safeguarding company assets, protecting sensitive data, and promoting operational integrity in alignment with legal and industry standards.
Key Responsibilities
- Conduct ongoing risk reviews and maintain an up-to-date risk register
- Support risk assessments across critical business processes and systems
- Partner with stakeholders to develop and track risk mitigation plans through resolution
- Assist in building risk metrics and reporting for executive-level visibility
- Monitor adherence to relevant regulatory frameworks and internal controls
- Support audit readiness by coordinating evidence collection and documentation
- Partner with cross-functional teams to ensure successful audit outcomes with no material findings
- Review and update GRC-related policies on a regular cadence
- Support or lead compliance and security training initiatives
- Develop and distribute awareness materials on key compliance topics
- Maintain accurate and secure documentation for audits, investigations, and post-incident reviews
Qualifications
- Bachelor’s degree in Business, Information Security, Risk Management, or related field (or equivalent experience)
- 3-5 years of experience in GRC, risk management, compliance, or audit-related roles
- Familiarity with common compliance frameworks (e.g., SOC 2, ISO 27001, HIPAA, FedRAMP)
- Strong organizational skills with attention to detail and follow-through
- Act as a highly collaborative partner across internal teams and external stakeholders, demonstrating strong consultative and relationship-building skills; proactively align on goals, communicate clearly, and drive shared success through influence, responsiveness
