Job Description

:
The GRC Analyst will support the development, implementation, and management of the organization's governance, risk, and compliance programs. The role involves conducting risk assessments, ensuring regulatory and standards-based compliance, supporting audits, and driving security governance initiatives across business and technical teams.
Key Responsibilities
Maintain and enhance the organization's Information Security & Compliance frameworks (ISO 27001, SOC2, GDPR, etc.)
Perform risk assessments, maintain risk registers, track remediation plans, and generate risk reports for stakeholders.
Support internal and external audits by coordinating evidence collection and control testing.
Assist in developing, reviewing, and maintaining security policies, standards, and procedures.
Conduct third-party/vendor risk assessments and ensure contractual compliance requirements.
Monitor regulatory and industry compliance requirements and ensure alignment with business operations.
Coordinate with cross-functional teams (IT, Legal, Engineering, HR, Finance) for control implementation and compliance readiness.
Use GRC tools/platforms for workflow automation, documentation, and reporting.

Skills Required