Cyber Security GRC Analyst Private Sector

What’s involved:

• Conduct cyber risk assessments across systems, projects, processes, and third parties
• Perform security control testing to assess design and operating effectiveness
• Support third-party risk management and supplier security assessments
• Monitor compliance with security policies, standards, and regulatory requirements
• Support audits, regulatory reviews, and evidence collection
• Contribute to cyber resilience governance (BCP, DR, cyber recovery)
• Track and report risk posture, control maturity, and remediation progress
• Support remediation tracking with technical and business stakeholders
• Assist in cyber security policy and standards lifecycle management
• Support governance reporting and risk/compliance forums
• Contribute to continuous improvement of GRC frameworks and processes

What you need:

• 5+ years in cyber security, GRC, risk management, or technology assurance
• Hands-on experience with cyber risk assessments and control testing
• Strong knowledge of frameworks such as NIST, ISO 27001, GDPR, and CIS
• Experience supporting audits, compliance, and governance activities
• Excellent stakeholder management and reporting skills