Salary for Mid-level / Intermediate GRC Analyst in United States during 2024

πŸ’° The median Salary for Mid-level / Intermediate GRC Analyst in United States during 2024 is USD 110,000

✏️ This salary info is based on 6 individual salaries reported during 2024

Submit your salary Download the data

Salary details

The average mid-level / intermediate GRC Analyst salary lies between USD 80,000 and USD 145,000 in the United States. It represents the overall compensation/gross salary amount for the working year (before deductions like social security, taxes and other contributions), not including equity/stock options or similar benefits.

Job title
GRC Analyst
Experience
Mid-level / Intermediate
Region
United States
Salary year
2024
Sample size
6
Top 10%
$ 145,000
Top 25%
$ 145,000
Median
$ 110,000
Bottom 25%
$ 80,000
Bottom 10%
$ 65,000

Region represents the primary country of residence of an employee during the year (or residence for tax purposes). All data shown are full-time equivalent (FTE) salaries. Part-time salary information has been extrapolated to its FTE value.

Last updated:

Top 20 Job Tags for Mid-level / Intermediate GRC Analyst roles

The three most common job tag items assiciated with mid-level / intermediate GRC Analyst job listings are Compliance, Governance and Risk management. Below you find a list of the 20 most occuring job tags in 2024 and the number of open jobs that where associated with them during that period:

Compliance | 23 jobs Governance | 19 jobs Risk management | 17 jobs Audits | 13 jobs ISO 27001 | 13 jobs NIST | 13 jobs Risk assessment | 11 jobs CISSP | 11 jobs CISA | 11 jobs Cloud | 10 jobs SOC 2 | 8 jobs Monitoring | 8 jobs Strategy | 7 jobs GDPR | 7 jobs CISM | 7 jobs Privacy | 7 jobs Computer Science | 7 jobs SOC | 7 jobs SOX | 7 jobs CRISC | 6 jobs

Top 20 Job Perks/Benefits for Mid-level / Intermediate GRC Analyst roles

The three most common job benefits and perks assiciated with mid-level / intermediate GRC Analyst job listings are Health care, Equity / stock options and Career development. Below you find a list of the 20 most occuring job perks or benefits in 2024 and the number of open jobs that where offering them during that period:

Health care | 11 jobs Equity / stock options | 7 jobs Career development | 7 jobs Team events | 6 jobs Flex hours | 5 jobs Flex vacation | 5 jobs Competitive pay | 5 jobs Medical leave | 4 jobs 401(k) matching | 3 jobs Wellness | 3 jobs Insurance | 3 jobs Parental leave | 2 jobs Startup environment | 2 jobs Conferences | 2 jobs Salary bonus | 2 jobs Fertility benefits | 2 jobs

Salary Composition for a Mid-level GRC Analyst

The salary for a mid-level GRC (Governance, Risk, and Compliance) Analyst in the United States typically comprises a fixed base salary, performance bonuses, and additional remuneration such as stock options or benefits. The base salary often constitutes the majority of the total compensation package, usually around 70-80%. Performance bonuses can vary significantly depending on the company’s policies and the individual's performance, typically ranging from 10-20% of the base salary. Additional remuneration might include stock options, especially in tech companies, and comprehensive benefits packages that cover health insurance, retirement plans, and sometimes educational reimbursements.

Regional differences can affect salary composition, with tech hubs like San Francisco, New York, and Seattle offering higher base salaries and bonuses due to the higher cost of living and competitive job markets. Industry also plays a role; for instance, financial services and healthcare sectors might offer higher compensation due to the critical nature of compliance in these fields. Larger companies often provide more structured bonus programs and additional perks compared to smaller firms.

Steps to Increase Salary from a Mid-level Position

To increase your salary from a mid-level GRC Analyst position, consider the following strategies:

  • Skill Enhancement: Continuously update your skills, especially in emerging areas like cloud security, data privacy regulations, and advanced risk management techniques.
  • Certifications: Obtain advanced certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) to demonstrate expertise and commitment to the field.
  • Networking: Engage with professional networks and attend industry conferences to increase your visibility and learn about new opportunities.
  • Leadership Roles: Seek opportunities to lead projects or teams, which can position you for promotions to senior roles.
  • Cross-Functional Experience: Gain experience in related areas such as IT audit, data protection, or cybersecurity strategy to broaden your expertise and appeal to a wider range of employers.

Educational Requirements

Most mid-level GRC Analyst positions require at least a bachelor's degree in a related field such as Information Technology, Computer Science, Business Administration, or Cybersecurity. Some employers may prefer candidates with a master's degree, particularly in fields like Information Systems or Business Administration with a focus on risk management or compliance.

Helpful Certifications

Certifications are highly valued in the InfoSec/Cyber Security field and can significantly enhance your qualifications. Some of the most beneficial certifications for a GRC Analyst include:

  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • ISO 27001 Lead Implementer or Lead Auditor

These certifications demonstrate a solid understanding of risk management, compliance frameworks, and information security principles.

Required Experience

Typically, a mid-level GRC Analyst position requires 3-5 years of experience in information security, risk management, or compliance roles. Experience with specific compliance frameworks such as NIST, ISO 27001, or GDPR is often required. Familiarity with risk assessment tools and methodologies, as well as experience in developing and implementing security policies, is also important.

Related salaries

GRC Analyst @ $ 140,000 (global) - Senior-level / Expert Details
GRC Analyst @ $ 78,760 (global) - Entry-level / Junior Details
GRC Analyst @ $ 110,000 (global) - Mid-level / Intermediate Details
GRC Analyst @ $ 110,000 (global) Details
GRC Analyst @ $ 82,385 (United States) - Entry-level / Junior Details
GRC Analyst @ $ 121,562 (United States) Details
GRC Analyst @ $ 140,000 (United States) - Senior-level / Expert Details
GRC Analyst @ $ 62,500 (United Kingdom) Details
GRC Analyst @ $ 62,500 (United Kingdom) - Entry-level / Junior Details

Want to contribute?

πŸ“ Submit your salary info

Enter your own salary data for the current or past work year. It's quite simple and doesn't take more than a minute to fill out.

Go to salary survey

πŸ“’ Share our salary survey

Share our "in-less-than-a-minute survey" with others working in the field of InfoSec / Cybersecurity. The more data we have the better for everyone.

πŸ’Ύ Download the data

All collected information will be updated into a public dataset regularly and provided as a download free for anyone to use.

Go to download page

πŸš€ Search for jobs & talent

If you're thinking about a career change or want to hire fresh talent quickly check out the jobs page.

Go to frontpage

About this project

We collect salary information anonymously from professionals and employers all over the world and make it publicly available for anyone to use, share and play around with.

Our goal is to have open salary data for everyone. So newbies, experienced pros, hiring managers, recruiters and also startup founders or people wanting to switch careers can make better decisions.