Company hidden
3 hours ago

Senior Governance Risk and Controls (GRC) Analyst (Cybersecurity)

Work format: hybrid
Employment type: fulltime
Grade: senior
English: b2
Country: Poland

Job description

TL;DR

Senior Governance Risk and Controls (GRC) Analyst (Cybersecurity): Strengthening global security and risk strategy through control effectiveness and regulatory alignment, with an emphasis on third-party risk assessments and compliance audits. Focus on managing SOC 2 and ISO 27001 certifications, executing internal and external assessments, and addressing emerging AI risks.

Location: Hybrid (Warsaw, Poland)

Company

Global leader in business decisioning data and analytics helping companies worldwide grow and manage risk.

What you will do

  • Manage compliance reviews, audits, validation testing, and risk assessments in accordance with NIST standards.
  • Lead client and audit assurance for EU and APAC regions.
  • Execute the global third-party risk program through supplier due diligence, monitoring, and assessments.
  • Maintain and monitor information security policies and a centralized audit evidence repository.
  • Coordinate with privacy, procurement, and corporate IT departments to ensure alignment with GRC initiatives.
  • Produce qualitative and quantitative metrics to assess the success of the Security Assurance Program.

Requirements

  • Bachelor's degree in Information Cyber Security, Risk Management, or GRC.
  • 5+ years of direct information security experience with a primary focus on risk, controls testing, and compliance programs.
  • Strong knowledge of industry frameworks: ISO 27001, SOC 2, NIST, PCI, and GDPR.
  • Experience reviewing vendor and client contracts for Information Security requirements.
  • 2+ years of experience conducting and/or responding to ISO 27001 and SOC 2 audits.
  • Fluency in English.

Nice to have

  • CISA, CISM, or CISSP certifications.

Culture & Benefits

  • Collaborative, diverse global environment that values creativity and bold ideas.
  • Access to a comprehensive benefit package.
  • Culture of continuous growth with structured courses and mentorship programs.
  • Opportunity to work on scalable GRC operations and AI risk initiatives.
