Governance, Risk, and Compliance (GRC) Analyst
San Jose, Costa Rica
TD SYNNEX
About the Role:
As a GRC Compliance Analyst, you will join our growing Global Cybersecurity team. You will play a key role in ensuring TD SYNNEX’s compliance with third-party audits as well as regulatory compliance audits, while driving innovation and efficiency. You will also take part in key compliance initiatives, such as ISO 27001 and SOC 2 Type II.
What You'll Do:
- Support the implementation and continuous improvement of our Information Security Management System (ISMS) aligned with frameworks like ISO 27001, SOC 2 Type II, and NIST CSF.
- Conduct and document cybersecurity risk assessments, including vendor risk evaluations and customer assurance responses.
- Assist in the development and maintenance of cybersecurity policies, procedures, and compliance documentation.
- Coordinate and support internal and external audits, including third-party certifications.
- Analyze and communicate technical risk-related information to non-technical stakeholders in a clear, concise way.
- Use GRC tools (e.g., Vanta, OneTrust, ServiceNow) to streamline governance workflows and reporting.
What We're Looking For:
- 3+ years of experience in GRC, cybersecurity risk, or compliance roles (preferably in global or multicultural environments).
- Strong understanding of information security frameworks (e.g., ISO 27001, SOC 2, NIST).
- Experience with audit preparation and evidence gathering.
- Excellent written and verbal communication skills in English and Spanish - required.
- Detail-oriented mindset with strong analytical and problem-solving abilities.
- Certifications such as ISO 27001 Lead Auditor/Implementer, Security+, or similar are a plus, but not required.
Working Conditions:
- Occasional non-standard work hours or overtime as business requires.
- Hybrid working model available: your work-life balance matters.
Key Skills
Cybersecurity, Audit compliance, Regulatory compliance, Governance management, IT management, Security management, Information security management, ISO 27000
What’s In It For You?
- Elective Benefits: Our programs are tailored to your country to best accommodate your lifestyle.
- Grow Your Career: Accelerate your path to success (and keep up with the future) with formal programs on leadership and professional development, and many more on-demand courses.
- Elevate Your Personal Well-Being: Boost your financial, physical, and mental well-being through seminars, events, and our global Life Empowerment Assistance Program.
- Diversity, Equity & Inclusion: It’s not just a phrase to us; valuing every voice is how we succeed. Join us in celebrating our global diversity through inclusive education, meaningful peer-to-peer conversations, and equitable growth and development opportunities.
- Make the Most of our Global Organization: Network with other new co-workers within your first 30 days through our onboarding program.
- Connect with Your Community: Participate in internal, peer-led inclusive communities and activities, including business resource groups, local volunteering events, and more environmental and social initiatives.
Don’t meet every single requirement? Apply anyway.
At TD SYNNEX, we’re proud to be recognized as a great place to work and a leader in the promotion and practice of diversity, equity and inclusion. If you’re excited about working for our company and believe you’re a good fit for this role, we encourage you to apply. You may be exactly the person we’re looking for!