GRC Analyst

Do you want to contribute to a larger purpose to save the lives of infants in the NICU? This is Prolacta Bioscience's mission! Take a look at this opportunity with our Cyber Security team, which is seeking a passionate individual, to fill the role of our GRC Analyst. This role support the Information Security Governance, Risk and Compliance team by maintaining the organization's risk register, tracking GRC-related tasks and ensuring compliance with applicable regulations and standards.

Who Is Prolacta Bioscience?

We give babies a brighter future by unlocking the biological power of human milk. Established in 1999, Prolacta Bioscience is a privately held life sciences company that has touched the lives of more than 100,000 premature infants globally. Prolacta is the world's leading hospital provider of 100% human milk- based nutritional products. Based in Southern California, we employ more than 300 people globally, many of whom have dedicated their lives to neonatal care.

For more information, please visit www.prolacta.com

How you will contribute

This role will provide you with the opportunity to contribute to the growth of our organization and develop your professional skills by...

• Assist in maintaining and updating the organization's risk register, identifying potential information security loss event scenarios, tracking risks and ensuring appropriate mitigation actions are taken.
• Maintain the GRC calendar and ensure compliance with internal and external compliance deadlines and audit requirements.
• Support the development, review and management of policies, standards and procedures to ensure alignment with regulatory and security requirements.
• Assist in gathering evidence for internal and external audits to meet compliance obligations (e.g., SOC 2, ISO 27001).
• Track and help remediate non-compliance issues and risks identified during audits or assessments.
• Collaborate with cross-functional teams to ensure GRC tasks and requirements are understood and addressed.
• Monitor and track the status of compliance activities and assist with the preparation of compliance reports.
• Stay updated with relevant industry standards and regulations to support compliance efforts (e.g., GDPR, CCPA, HIPAA).
• Assist with incident documentation and root cause analysis for identified risks.
• Contribute to awareness programs to improve organizational understanding of risk and compliance topics.

What you bring to the role

• Associate's degree in information technology, Cybersecurity, Business, a related field, or equivalent experience or +2 years of experience in Information Security, IT, or GRC-related fields (entry-level candidates with relevant certifications in InfoSec will be considered).
• Foundational understanding of Information Security risk management, compliance frameworks and audit processes.
• Basic knowledge of security regulations (e.g., SOC 2, GDPR, CMMC, ISO 27001, HIPAA) is a plus.
• Excellent organizational skills with attention to detail, particularly in managing compliance calendars and tasks.
• Strong communication and collaboration skills to work with internal teams and external auditors.
• Ability to manage and track multiple tasks simultaneously with minimal supervision.

• Certified Information Security Auditor (CISA) preferred

How Prolacta benefits you

To drive the personal growth and business impact of our employees, we're committed to developing a supportive and enriching culture for everyone. From up to 100% healthcare coverage starting on your first day, to discretionary stock options and 401(k) match, we value our employees' health and financial wellbeing. We offer four weeks PTO during your first year of employment and support our new parents with a generous time-off program. We encourage employees to participate in our employee affinity groups, take volunteer time off, and provide access to different educational opportunities.

What else do you need to know

Location: Remote

Schedule: Monday - Friday 8am to 5pm

Travel: 10% to office in Duarte and City of Industry, CA

FLSA: Non-Exempt

Depending on your residential location certain laws might regulate the way Prolacta manages applicant data. California Residents, please review our Privacy Notice for California Employees and Job Applicants for further information, this can be found on Prolacta.com on www.prolacta.com . By submitting your application, you are agreeing and acknowledging that you have read and understand the above notice.

Physical Requirements

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to effectively communicate (e.g., talking/ hearing), walk, sit, use hands and fingers to handle, feel and reach things. The employee is occasionally required to taste, smell, stoop, kneel, crouch or crawl. Specific vision abilities required by this job include close vision, color vision and ability to adjust focus.

Sedentary to light work; repetitive motions; pushing; pulling; visual acuity to prepare and analyze data and figures, transcribe, view a computer terminal.

EEO Statement

"Prolacta Bioscience, Inc. is an Equal Employment Opportunity Employer." Prolacta Bioscience, Inc. is committed to a proactive program of affirmative action and diversity development. The Company will continue to recruit, hire, train, and promote into all job levels without regard to race, religion, gender, marital status, familial status, national origin, age, mental or physical disability, sexual orientation, gender identity, source of income, or veteran status.