Applied Medical is a newgeneration medical device company with a proven business model and commitment to innovation fueled by rapid business growth and expansion. Our company has been developing and manufacturing advanced surgical technologies for over 35 years and has earned a strong reputation for excellence in the healthcare field. Our unique business model, combined with our dedication to delivering the highest quality products, enables team members to contribute to a larger capacity than is possible in typical positions.

Position Description

The cybersecurity GRC analyst aligns information security policies with business objectives and ensures global governance, risk, and compliance readiness across Applied Medical. The role partners with business stakeholders and IT leadership to develop security frameworks, implement compliance controls, promote security awareness, and assess and mitigate operational and regulatory risks.

Key Responsibilities

• Align IT policy with business objectives by collaborating with crossfunctional stakeholders and communicating security requirements clearly.
• Monitor global governance changes and proactively adapt strategies to maintain compliance across all regions and countries.
• Ensure global compliance readiness by tracking, updating, and documenting regulatory requirements and control obligations.
• Codevelop information security policies and procedures with business leaders to support operational needs and regulatory landscapes.
• Promote security awareness by driving policy adoption and enabling secure practices across Applied Medical offices.
• Assess and remediate business risks by evaluating governance, risk, and compliance gaps and implementing mitigation plans.
• Lead riskbased projects and initiatives that reduce identified risks and align outcomes with organizational priorities.
• Serve as a trusted advisor on governance, risk, and compliance topics to build stakeholder credibility and decision support.

Success in This Role Looks Like

• Drive policy alignment with business objectives and ensure clear communication across teams.
• Ensure regulatory compliance through timely monitoring, documentation updates, and control validation.
• Lead crossfunctional initiatives that reduce risk exposure and strengthen organizational resilience.
• Elevate security awareness and adoption of secure practices across global operations.
• Deliver accurate governance reporting that supports decisionmaking and continuous improvement.

Position Requirements

This position requires the following skills and attributes:

• Possesses a strong cybersecurity mindset with fluency in governance, compliance, and risk management principles.
• Demonstrates the ability to prepare clear, accurate, and welldocumented information for security analyses.
• Maintains flexibility and focus while working independently and managing time to meet commitments.
• Adapts to unforeseen events, emerging information, and rapidly changing circumstances with sound judgment.
• Builds and sustains collaborative relationships across diverse stakeholders and crossfunctional teams.
• Holds three to five years of experience in the cybersecurity field.
• Brings education or training in data governance, regulatory compliance, and risk management with a proven ability to design and implement frameworks that safeguard data integrity, ensure compliance, and mitigate risks.

Preferred

• Demonstrates experience setting up security frameworks and developing information security policies.
• Shows familiarity with global regulatory standards such as General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), and International Organization for Standardization (ISO) 27001.
• Applies knowledge of the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
• Holds certifications in information security or risk management such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC).
• Uses alternate phrasing including IT compliance analyst, GRC specialist, and information security analyst to increase discoverability.

Benefits

• Competitive compensation range: $80000 - $ / year (California).
• Comprehensive benefits package.
• Training and mentorship opportunities.
• Oncampus wellness activities.
• Education reimbursement program.
• 401(k) program with discretionary employer match.
• Generous vacation accrual and paid holiday schedule.

Please note that the compensation range may be adjusted in the future, and bonus and incentive compensation plans may apply.

Our total reward package reflects our commitment to employee growth and wellbeing, as we invest in your development and offer a range of benefits designed to enhance your career andp>

All compensation and benefits are subject plan documents and written agreements.

Equal Opportunity Employer

Applied Medical is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (including pregnancy, childbirth, breastfeeding and related medical conditions), or sexual orientation, or any other status protected by federal, state or local laws in the locations where Applied Medical operates.