[Remote] Cybersecurity GRC - Compliance Analyst

Note: The job is a remote job and is open to candidates in USA. Trimble Inc. is transforming the way the world works by delivering products and services that connect the physical and digital worlds. The Cybersecurity GRC - Compliance Analyst will be responsible for ensuring compliance with various security frameworks and conducting audits to maintain the integrity of Trimble’s product portfolio. Responsibilities • Perform SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701 and ISO 42001 gap analysis and recommend process, procedural, documentation and tooling recommendations to remediate • Improve Compliance and certification scope efficiency via review and enhancements of the Trimble Common Control Framework • Perform ISO 27001 & ISO27701 Internal Audits • Perform SOC 1 & 2, NIST 800-171 Internal & External Audits • Contribute to annual policy revisions and maintenance of the IMS • Constantly coordinate with key business stakeholders and the external auditor • Present metrics derived from the Integrated Management System, audit results, trends in risk, and corrective action plans to senior leadership • Contribute to the creation of processes and procedures that increase efficiency of the overall compliance program across all standards and frameworks • Collaborate with Cybersecurity team members, Trimble businesses across various geographies • Contribute to risk management processes to ensure business risk posture is properly calculated and proactively managed • Produce and analyze information that will accurately demonstrate the risk posture of each business and drive actions to reduce and manage technical risks • Be able to understand and communicate technical risks to a broad set of stakeholders. Must be able to adjust delivery to the audience Skills • Familiarity with security frameworks and security control auditing, specifically SOC 1 & 2 and NIST 800-171 • Experience with ISO 27001, ISO 27701, ISO 42001 • Experience with risk assessments and scoring • Conducting gap analysis • Internal audits and external audit coordination • Ability to work 6 months project based and 6 months audit • Working knowledge of SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701 & ISO 42001 • Designing audit controls spanning SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701 & ISO 42001 • Ability to write policy and interpret complex business changes • Comprehensive understanding of risk management standards and guidelines • General IT knowledge (networking, cloud computing, software development) • General knowledge in Data Privacy (GDPR, CCPA and other regulations) • Ability to make effective, timely decisions with clear reasoning • Ability to quickly establish a broad understanding of an issue with limited available information • Excellent organizational and presentation skills • Effective communication skills (verbal and written) and time management skills • Flexible approach to working in a changing environment • Ability to work as part of a collaborative global team • 2 years experience working with SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701 • Proficiency in English (written and oral) • 2 years experience in a risk management role, information security role or systems engineer/administrator role in a large, international software company • Hands-on experience with business and GRC tools such as: Jira Service Desk • Demonstrated experience in collecting information from disparate data sources and formulating into reports • Intermediate level experience with Windows and Linux/Unix operating systems • Intermediate level cloud knowledge within AWS, Azure and GCP • Intermediate level scripting knowledge and experience of Splunk and creating queries • Excellent analytical, problem-solving and decision making skills • A relevant degree in Data Science, Computer Science or Engineering (Software or Electrical) • Current general security certifications (e.g., SEC+, GSEC) encouraged but not required • ISO 27001 Certified Internal / Lead Auditor and or equivalent experience • Experience of using AI to reduce manual process and procedure Benefits • Medical • Dental • Vision • Life • Disability • Time off plans • Retirement plans • Tax savings plans for health, dependent care and commuter expenses • Paid Parental Leave • Employee Stock Purchase Plan Company Overview • Trimble is a global technology company that connects the physical and digital worlds, transforming the ways work gets done. It was founded in 1978, and is headquartered in Westminster, Colorado, USA, with a workforce of 10001+ employees. Its website is Company H1B Sponsorship • Trimble Inc. has a track record of offering H1B sponsorships, with 62 in 2025, 61 in 2024, 43 in 2023, 52 in 2022, 51 in 2021, 34 in 2020. Please note that this does not guarantee sponsorship for this specific role. Apply tot his job