GRC Analyst

Job Description

Role Description

This is a remote contract role for a GRC Analyst. GRC Analyst will be responsible for day-to-day tasks such as advising clients on compliance regulations, assessing risks and vulnerabilities, developing and implementing security policies and procedures, and managing compliance frameworks. GRC Analyst will also play a key role in coordinating with cross-functional teams to ensure seamless execution of projects and deliverables.

Responsibilities

  • Strong understanding of ISO 27001, SOC2, GDPR, ISO 20000 and other compliance frameworks.
  • Developing IT security standards, procedures, and controls to manage risks. Improve client security positioning through process improvement, policy, automation, and the continuous evolution of capabilities.
  • Experience in advising clients on regulatory compliance, risk management, and security issues.
  • Supporting senior team members in delivering client work streams related to compliance standards including ISO 27001, SOC 2, GDPR, and ISO 20000 incident management disciplines.
  • Ability to manage complex local and international security requirements.
  • Developing and maintaining a compliance recordkeeping system.
  • Participate in security risk assessments, analysis, and mitigation planning.
  • Develop, maintain, report on key security risk metrics.
  • Working knowledge of cloud technologies such as AWS, Microsoft Azure, and JIRA.
  • Working knowledge of information security concepts and technologies.
  • Knowledge of working on various compliance tools such as Drata, Vanta or Secureframe.

Qualifications

  • 2- 4years of experience in IT Governance, Risk & Compliance
  • Understanding of ISO27001, SOC2, GDPR and ISO 20000standards preferred
  • Experience with risk management principles and associated methodologies.
  • Strong knowledge of Azure, AWS, GCP, Hetzner, etc.
  • Proven ability to make sound pragmatic decisions and judgments under tight timelines.
  • Strong problem-solving skills and attention to detail.
  • Ability to work independently and remotely.
  • Excellent communication and collaboration skills.
  • Knowledge of security technologies, tools, and methodologies.
  • Bachelor’s degree in Computer Science, Information Systems, or related field.

Benefits:

  • Flexible part-time schedule.
  • Competitive compensation package.
  • Opportunity to work in a fast-paced and rewarding environment.
  • Gain valuable experience in the GRC field.