Cyderes

805 - Corporate IT

GRC Analyst

Bengaluru, Karnataka, India · Full Time · Remote Friendly

The Brief

“GRC Analyst at Cyderes. Skills: GRC, information security, compliance, risk assessment, audit, SOC2, ISO 27001, GRC automation tool administration, Third-Party Risk Management (TPRM), Privacy frameworks (GDPR, CCPA, HIPAA). daily activities in implementing the information security and compliance programme. maintain audit and compliance projects”

Industry & Context.

805 Corporate IT
Problems you'll solve

creating remediation plans; identifying/implementing appropriate solutions; direct security compliance issues to appropriate channels for investigation and resolutions

What They're Looking For.

Must Have

Minimum 3 years in a GRC role

At least 1 full year of hands-on administration of a GRC automation tool (Vanta, Drata, or Sprinto)

Experience in design and implementation of information security policies and controls

Experience participating in external security SOC2 Type II

Experience conducting needs assessments and identifying/implementing appropriate solutions

Knowledge of security technologies and architecture, including encryption, cloud network security design, security group configuration, intrusion detection, data loss prevention and application security

Experience translating abstract SOC2 criteria into technical screenshots, logs, or API outputs

Experience translating abstract SOC2 Common Criteria or ISO 27001 clauses into applicable technical controls

High proficiency in interpreting SOC2/ISO reports and Data Processing Agreements (DPAs)

Minimum 3 years of hands-on experience [in Third-Party Risk (TPRM) Analysis], evaluating SaaS vendors, with the ability to dissect SOC2 Type II, ISO 27001, and Reach Test reports

Proficiency in managing Vanta's Trust Centre and Vendor Risk modules

Practical experience navigating Data Processing Agreements (DPAs) and mapping vendor risks to privacy frameworks like GDPR, CCPA, or HIPAA

Nice to Have

Vanta [preferred GRC automation tool]

CISSP, CISM, CISA certifications

Analyst A (The Internal Builder): Focuses on Vanta, SOC2/ISO mapping, and internal engineering/DevOps agreement.

Analyst (The External/Risk Specialist): Focuses on Third-Party Risk, Customer Questionnaires/Trust Centre, and Privacy (GDPR/CCPA).

What You'll Do.

Daily activities in implementing the information security and compliance programme

Maintain audit and compliance projects to ensure policies, standards, procedures, and audit activities are according to business, IT, and regulatory requirements

Participate in and support multiple department activities

Quarterly user access reviews

Development of information security policies, procedures, and standards

Training and awareness activities

Review and respond to security requirements and inquiries regarding existing or proposed solutions

Perform internal and external security compliance monitoring activities, manage client audits, IT control audits, and security risk assessments

Evaluating, documenting, and creating remediation plans

Coordinate IT security governance, risk and compliance activities across the enterprise

Oversee information security compliance activities

Respond to requests for information on Cyderes' security compliance from customers and partners

Review and negotiate relevant agreements

Support efforts for compliance with SOC2 and other security standards and regulatory frameworks

Conduct audit readiness assessments and coordinate with internal and external functions and audit resources

Support the implementation and administration of the Governance, Risk and Compliance system (GRC)

Collaborate with other departments to direct security compliance issues to appropriate channels for investigation and resolutions

Revise and maintain security and controls procedures following applicable regulations

Ensure Continuous Compliance through Continuous testing of security and privacy controls

Provide recommendations for technology and process updates to improve Cyderes' overall security posture

Develop and provide reports to keep management informed of the operation and progress of compliance efforts

How You'll Work.

Team & Collaboration

Collaborate with other departments to direct security compliance issues to appropriate channels for investigation and resolutions; coordinate with internal and external functions and audit resources

Communication Scope

Respond to requests for information on Cyderes' security compliance from customers and partners; review and negotiate relevant agreements; develop and provide reports to keep management informed

Full Job Description

## Description

Who We Are

We help the world Be Everyday Ready™

Today’s threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools — all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way.

🏆 Great Place to Work® Certified™ | United States · Canada · United Kingdom · India

About the Job:

Cyderes is looking for a GRC Analyst. The GRC Analyst will be responsible for daily activities in implementing the information security and compliance programme. You will help maintain audit and compliance projects to ensure policies, standards, procedures, and audit activities are according to business, IT, and regulatory requirements. You will also participate in and support multiple department activities. These activities may include quarterly user access reviews, the development of information security policies, procedures, and standards. Additionally, they may involve training and awareness activities. You will also review and respond to security requirements and inquiries regarding existing or proposed solutions. You will perform internal and external security compliance monitoring activities, manage client audits, IT control audits, and security risk assessments.

To be successful in this role, you must be comfortable with evaluating, documenting, and creating remediation plans. These plans must meet compliance requirements in a specific area. The effectiveness of the implementation and operation of the information security and compliance directives will measure success. You will be reporting to Senior Manager GRC and Security.

## Responsibilities

Coordinate IT security governance, risk and compliance activities across the enterprise Ove


How to Apply on Lever

  • Lever uses a streamlined one-page form — apply in under 5 minutes.
  • LinkedIn import works well; review parsed data before submitting.
  • The cover letter field is optional but visible to reviewers — use it to differentiate.
  • Referral codes from employees can significantly boost visibility of your application.
