GRC Analyst
Full Time Position
The GRC function conducts recurring activities with relevant stack holders to follow up maintain and improve compliance with the defined control environment.
The GRC Analyst role responsibilities will include:
- Be the custodian develop and maintain an effective policy and control framework
- Manage and lead information security governance
- Facilitate and own risk analysis and Cloud Services risk register
- Conduct internal audit review and meetings and to support external audit facilitation work covering creating audit checklist manage audit interview with internal control owners follow up on remediation action plan for identified findings issue audit report.
- Establish monitor and continuously improve risk management procedures
- Provide oversight and management of review and audit finding remediation including generating requirements for full remediation
- Providing feedback and suggestions on responses to findings and tracking progress and providing status and updates to the management team
Required Skills
- Strong communication skills and able to keep a good relationship to internal and external stakeholders
- Strong written and verbal English communication skills
- Work independently proactive and feel comfortable in taking difficult decisions
- Experience in developing documenting and maintaining GRC methodologies
- Structured analytical and persistent
- Ability to work well under minimal supervision with lots of selfdriven
Required Experience
Qualifications for the GRC Analyst role:
- Minimum 2 years of work experience in a GRC role
- Bachelors degree in information systems or equivalent work experience
- Certifications like CISA or similar are an advantage but not a requirement.
- Strong knowledge of common information security management frameworks such as SOC2 ISO 2700x PCI DSS NIST is a mandatory requirements
- Experience in developing documenting and maintaining security policies processes procedures and standards
Consultant in Charge
Ken Ng
Remote Work :
No