Cyber Governance, Risk & Compliance (GRC) Analyst

Cyber Governance, Risk & Compliance (GRC) Analyst Job Summary We are seeking an experienced Cyber Governance, Risk & Compliance (GRC) Analyst to strengthen cybersecurity governance frameworks, conduct risk assessments, and perform assurance activities across business and technology functions in an enterprise environment. Responsibilities • Review, update, and maintain cybersecurity policies, standards, and procedures to ensure alignment with regulatory and organizational requirements • Conduct Risk & Control Self-Assessments (RCSA) and maintain comprehensive risk registers to track cyber and technology risks • Identify, assess, and monitor cyber and technology risks to support risk mitigation strategies • Perform cybersecurity control testing and assurance reviews to validate the effectiveness of controls • Prepare governance reports, dashboards, and management summaries to communicate risk posture and compliance status • Coordinate with business units, technology teams, audit, and compliance stakeholders to facilitate governance and risk management activities • Support audit readiness efforts and track remediation actions to ensure timely resolution of findings Required competencies and certifications • Bachelor’s degree in Cybersecurity, Information Security, IT, or related field • 3–7 years of experience in cybersecurity GRC, risk management, or compliance • Strong analytical skills to interpret risk data and generate actionable insights • Proficient in stakeholder management to collaborate effectively across teams • Good understanding of cybersecurity frameworks such as NIST, ISO 27001, or similar standards Preferred competencies and qualifications • Relevant certifications such as CISA, CISM, CRISC, or ISO 27001 are advantageous