Edwards Lifesciences

Analyst, Information Security Governance, Risk, and Compliance

USA - California - Irvine - Hybrid, Full time

Innovation starts from the heart. At Edwards Lifesciences, we’re dedicated to developing ground-breaking technologies with a genuine impact on patients’ lives. At the core of this commitment is our investment in cutting-edge information technology. This supports our innovation and collaboration on a global scale, enabling our diverse teams to optimize both efficiency and success. As part of our IT team, your expertise and commitment will help facilitate our patient-focused mission by developing and enhancing technological solutions.

The Information Security GRC Analyst supports stakeholder‑facing risk operations across information security, data, and AI risk domains. This role is responsible for operational execution of risk and governance processes, including risk and issues management, control model governance, policy and standards lifecycle support, risk assessments, and training and awareness activities.

Success in this role requires strong communication skills, attention to detail, and the ability to partner closely with stakeholders, service owners, and leaders to drive timely risk decisions and outcomes. This position plays a key role in stabilizing and scaling existing information security governance processes while enabling expansion into data and AI governance capabilities.

How you’ll make an impact:

Risk & Issues Management

  • Support intake, tracking, and lifecycle management of information security, data, and AI‑related risk issues
  • Coordinate stakeholder escalations and follow‑ups to ensure accurate risk documentation, ownership, and remediation tracking
  • Assist with issue prioritization and reporting to support leadership decision‑making

Governance Operations

  • Support control model governance activities, including control documentation maintenance and operational governance processes
  • Assist with policy and standards lifecycle activities, including updates, reviews, and stakeholder coordination
  • Partner with service owners and subject matter experts to ensure governance artifacts remain accurate and usable

Metrics & Reporting

  • Support the development, maintenance, and validation of risk, control, and performance metrics
  • Partner with stakeholders to ensure reporting reflects current risk posture and supports data‑driven leadership decisions
  • Assist in maintaining dashboards and metrics used for operational and executive‑level visibility

Stakeholder Engagement

  • Partner directly with business and IT stakeholders to facilitate risk discussions and resolve governance questions
  • Support training and awareness activities related to information security, data governance, and responsible AI use
  • Build trusted working relationships through clear communication and reliable execution

General Responsibilities

  • Perform moderately complex analysis related to information security governance and risk management
  • Support continuous improvement initiatives across GRC processes and tooling


 

What you'll need (Required):

  • Bachelor's Degree or equivalent in a related STEM field
  • A minimum of two years of previous related experience or equivalent work experience based on Edwards criteria

What else we look for (Preferred):

  • Experience in information security, risk management, compliance, or a related governance or operational role
  • Experience supporting governance processes related to data governance and responsible AI
  • Exposure to risk, issues, audit, or compliance management tools
  • Experience leading risk assessments
  • Professional certifications such as Security+, GISP, CRISC, GSEC, GISF, or similar
  • Experience supporting or implementing requirements aligned to frameworks such as NIST 800‑53 or equivalent
  • Working knowledge of NIST‑based security and risk control concepts
  • Strong written and verbal communication skills, with the ability to engage non‑technical stakeholders
  • Ability to manage competing priorities in a fast‑paced environment
  • Collaborative mindset with a customer‑focused approach
  • Working knowledge of cybersecurity and information security risk principles

Aligning our overall business objectives with performance, we offer competitive salaries, performance-based incentives, and a wide variety of benefits programs to address the diverse individual needs of our employees and their families.

For California, the base pay range for this position is $87,000 to $123,000 (highly experienced).

The pay for the successful candidate will depend on various factors (e.g., qualifications, education, prior experience). Applications will be accepted while this position is posted on our Careers website. 

Edwards is an Equal Opportunity/Affirmative Action employer including protected Veterans and individuals with disabilities.

COVID Vaccination Requirement

Edwards is committed to protecting our vulnerable patients and the healthcare providers who are treating them. As such, all patient-facing and in-hospital positions require COVID-19 vaccination. If hired into a covered role, as a condition of employment, you will be required to submit proof that you have been vaccinated for COVID-19, unless you request and are granted a medical or religious accommodation for exemption from the vaccination requirement. This vaccination requirement does not apply in locations where it is prohibited by law to impose vaccination.