Cyber Security GRC Operations Analyst
Lagos, Nigeria
Blue Pearl
Our core service offerings include cloud services, data analytics, software development and ICT resourcing.
We are looking for an experienced Cyber Security GRC Operations Analyst at Level 2 to join our Governance, Risk, and Compliance (GRC) team. This role is essential in ensuring that the organization meets its cybersecurity regulatory requirements, maintains strong compliance standards, and mitigates risks effectively. The ideal candidate will have hands-on experience in GRC operations, risk management, and compliance assessments.
Key Responsibilities
Governance and Policy Development
- Assist in the development, review, and updating of cybersecurity policies, standards, and procedures to ensure alignment with industry best practices and regulatory requirements.
- Support the implementation of cybersecurity governance frameworks, including NIST, ISO 27001, and other relevant standards.
- Work closely with cross-functional teams to ensure cybersecurity policies are understood, adopted, and adhered to across the organization.
Risk Assessment and Management
- Conduct regular risk assessments to identify vulnerabilities and potential threats to the organization’s assets.
- Collaborate with business units to develop risk mitigation strategies and ensure effective risk treatment plans are in place.
- Track and report on risk mitigation efforts, providing management with updates on the risk landscape.
Compliance Monitoring and Auditing
- Monitor and assess compliance with internal policies and external regulations, including GDPR, HIPAA, and other relevant standards.
- Conduct internal audits and assessments of cybersecurity controls to ensure compliance and identify areas for improvement.
- Support the documentation and reporting requirements for regulatory compliance, including audit preparation and findings resolution.
Incident Response and Investigation
- Assist in investigating security incidents related to governance, risk, and compliance, ensuring that appropriate corrective actions are taken.
- Document incident findings and work with cybersecurity teams to implement control improvements based on lessons learned from incidents.
- Conduct root cause analyses of compliance breaches and recommend remediation actions.
Awareness and Training
- Contribute to the development of cybersecurity awareness programs focused on GRC-related policies, procedures, and best practices.
- Provide training to employees on compliance requirements and the importance of cybersecurity governance.
- Develop and deliver awareness materials on topics such as data protection, compliance obligations, and risk management.
Continuous Improvement and Reporting
- Identify and recommend improvements to GRC processes to enhance the organization’s cybersecurity posture.
- Generate reports on GRC metrics, including compliance status, risk levels, and policy adherence, for management and stakeholders.
- Stay updated on emerging cybersecurity regulations, frameworks, and best practices to keep the organization informed and compliant.
Qualifications
- Education: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience.
- Experience: 2+ years of experience in cybersecurity governance, risk management, or compliance roles.
- Certifications: CISSP, CISM, CRISC, or other relevant GRC/security certifications preferred.
Skills and Competencies
Technical Skills:
- Knowledge of GRC frameworks and standards, such as NIST, ISO 27001, GDPR, and SOX.
- Experience with GRC tools and technologies for risk assessment, compliance tracking, and policy management.
- Understanding of risk management and assessment methodologies.
Soft Skills:
- Strong analytical and problem-solving skills with attention to detail.
- Excellent written and verbal communication skills, especially in policy writing and report generation.
- Ability to collaborate across departments and communicate GRC concepts effectively to non-technical stakeholders.