GRC Analyst

Responsibilities:

• Assist in developing and maintaining cyber security policies, procedures, and governance frameworks.
• Support compliance checks with internal policies, regulatory requirements (e.g., ISO 27001, NIST, GDPR), and industry standards.
• Participate in risk assessments and help test the effectiveness of internal controls.
• Maintain and update the organization's risk register and follow up on remediation activities.
• Collaborate with internal departments to support GRC-related projects and reporting needs.
• Assist in gathering evidence for internal and external audits or certifications.
• Prepare clear and concise documentation, reports, and presentations for management and regulatory bodies.
• Help raise awareness of cyber security best practices and compliance obligations across departments.

Qualifications:

• Education: Bachelor's degree in IT, Information Security, Computer Science, or related field.
• Experience: +2 years of experience in a technology, financial services, or regulated industries preferred.
• Understanding of key regulatory standards and frameworks (ISO 27001, SOC 2, GDPR, etc.) -
• Proficient in Microsoft Office. - GRC-related certification (e.g., ISO 27001, CRISC, CISA, CGEIT, PCI DSS) is a plus.