GRCAnalyst,Operations&Risk

RESPONSIBILITIES: - - Support day-to-day GRC program operations – manage and triage GRC intakes and accurate tracking through resolution - Perform and support third-party risk management activities, including vendor reviews, reassessments, partner coordination, remediation tracking, and cross-functional follow-up with Security, Legal, Privacy, Procurement, IT, Finance, and business owners - Assist with risk program management activities - Support security compliance monitoring and audit readiness activities, managing audit request lists and taking ownership of gathering security audit evidence to verify compliance with internal policies / regulations and industry best practices - Coordinate security awareness and training program management activities QUALIFICATIONS: - - 2+ years of experience in GRC, third-party risk management, security compliance, internal audit, risk management, or a related function - Deep understanding of Cybersecurity compliance frameworks and cybersecurity compliance controls – ISO 27001, NIST CSF, COSO, SOC 2, PDI-DSS - Possess a strong risk mindset, exceptional attention to detail, and the ability to apply critical thinking when assessing complex issues and control gaps - Highly organized and strong operational discipline ensuring clear and expedient escalations with informed recommendations to management - Superior interpersonal and communication skills – verbal and written - Being a team player and working to achieve common goal in a dynamic setting - Strong commitment to embracing and leveraging AI tools in day-to-day tasks, ensuring AI-assisted work aligns with the same high-quality standards as personal contributions. - A minimum bachelor’s degree in any discipline. Computer science, cyber security and risk or technology degrees preferred. CISA or CRISC certification preferred