We’relooking for problem solvers, innovators, and collaborators who are passionate about strengthening governance, risk, and compliance practices. Like us, you are someone who values continuous learning, teamwork, and process improvement while helping organizationsmaintainstrong security and compliance foundations. You value inclusivity and want to work in an environment that encourages growth, collaboration, and accountability.

We are seeking a Governance-focused GRC (Governance, Risk, and Compliance) Analyst to support the organization’s information security governance and compliance initiatives. This role will focus on governance processes, policy management, compliance coordination, risk assessments, governance documentation, and cross-functional collaboration.

The ideal candidate willassistinmaintainingsecurity policies and standards, support governance and compliance reviews, contribute to audit readiness activities, and help improve governance processes aligned with organizational and regulatory requirements.

This role requiresstrong communication, analytical, and documentation skills with the ability to communicate security and compliance requirements in a clear and business-focused manner.

Key Responsibilities

Governance & Compliance

• Assistin the development, review, and maintenance of information security policies, standards, procedures, andgovernance ofdocumentation.

• Support governance and compliance initiatives aligned with frameworks such as NIST CSF, ISO 27001, and SOC 2.

• Coordinate policy reviews and maintaingovernance ofdocumentation and evidence of repositories.

• Contribute to governance awareness and compliance communication activities across teams.

• Support audit readiness activities including documentation review, evidence collection, and remediation tracking.

Risk Management

• Conduct routine risk assessments and support third-party/vendor risk review activities.

• Identifycontrol gaps, document findings, and recommend mitigation actions.

• Assistinmaintainingrisk registers and remediation tracking activities.

• Support continuous improvement initiatives related to governance and compliance processes.

• Monitor regulatory changes and emerging governance best practices.

Collaboration & Communication

• Collaborate with Security, IT, Legal, Privacy, and business teams to support governance and compliance initiatives.

• Communicate governance updates, compliance findings, andrisksto technical and non-technical stakeholders.

• Escalate identified compliance or governance concerns throughappropriate reportingchannels.

• Support coordination between teams to ensuretimelycompletion of audit and remediation activities.

• Utilize GRC platforms and automation tools to support governance and compliance workflows.

Required Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Business Administration, Risk Management, orrelatedfield.

• 2+ years of experience in Governance, Risk & Compliance (GRC), compliance, audit support, information security governance, or related areas.

• Basic understanding of security and compliance frameworks such asPCI, HIPAA,ISO 27001, SOC2,and GDPR.

• Experience supporting policy management, governance documentation, audit activities, or risk assessment processes.

• Familiarity with third-party/vendor risk management concepts.

• Strong written and verbal communication skillsare important.

• Good analytical, organizational, and documentation skills.

• Ability to work collaboratively in a fast-paced environment and manage multiple priorities.

Preferred Qualifications

• Experience with GRC tools or compliance management platforms.

• Familiarity with governance reporting, remediation tracking, or compliance workflows.

• Exposure to customer security questionnaires or due diligence requests is an advantage.

• Knowledge of privacy regulations such as GDPR, CCPA, or PDPA is a plus.

• Professional certifications such as CISA, CRISC, ISO 27001 Lead Implementer/Auditor, or related certifications are preferred but not mandatory.