Job Description

Cyber Risk & Compliance Analyst

Department: Enabling : IT

Employment Type: Permanent - Full Time

Location: Flexible

The Cyber Risk & Compliance Analyst supports the cybersecurity function by ensuring accurate, timely, and consistent responses to client-facing compliance requirements and third-party risk processes.

The mission of the role is to strengthen client trust, improve governance maturity, and ensure alignment between contractual commitments, regulatory obligations, and the organization’s cybersecurity controls.

This role acts as a coordination and assurance bridge between Security, Legal, Sales, and Business stakeholders

This is a primarily operational role, as it focuses on execution, coordination, documentation, and response management across defined processes such as RFP reviews, contract alignment, and TPRM questionnaires.

However, the role has tactical exposure, as it contributes to improving compliance consistency, strengthening client trust, and enhancing process maturity within the cybersecurity governance framework.

Key Responsibilities

Client RFP & Security Questionnaire Support

• Review cybersecurity-related sections of client RFPs and security questionnaires.
• Gather and align internal documentation to ensure accurate, consistent, and defensible responses.
• Coordinate with subject matter experts to validate technical and compliance statements.
• Ensure responses reflect current certifications, controls, and commitments.

Contract Review & Compliance Alignment

• Review contracts to identify cybersecurity, data protection, and compliance-related clauses.
• Assess alignment between contractual obligations and existing security controls.
• Escalate gaps or misalignments to Security and Legal for resolution.
• Maintain traceability of contractual security commitments.

Third-Party Risk Management (TPRM) Support

• Coordinate internal stakeholders to complete vendor or client security questionnaires.
• Track questionnaire status, deadlines, and follow-ups.
• Ensure timely and structured responses.
• Support evidence collection and documentation for third-party reviews.

Documentation & Governance Support

• Maintain organized repositories of policies, certifications, audit reports, and evidence.
• Ensure documentation is up to date and reusable for future engagements.
• Support audit preparation activities when required.
• Contribute to process improvement initiatives within GRC.

Tracking & Reporting

• Monitor RFP, contract, and TPRM workflow status.
• Provide status updates to management.
• Identify recurring issues or process bottlenecks.

Skills, Knowledge & Expertise

• Bachelor’s degree in IT, telecommunications, computer science, information security, or related field.
• With 2-5 years of experience in cybersecurity, risk management, audit or compliance.
• Good communication skills
• Strong knowledge of information security frameworks and standards (ISO 27001, NIST CSF, GDPR).
• Exposure to RFP processes or client-facing compliance documentation is a plus.
• Office Suite: Advanced