GRC Analyst
Malaysia
Sitecore
Sitecore offers an industry-leading digital experience platform that allows brands to create, build, manage, and deliver standout content along every touchpoint of the customer journey.
Kuala Lumpur, Malaysia

About Us:
Our mission is to elevate leading brands through unforgettable digital connections with their customers. Sitecore delivers a composable digital experience platform that empowers the world’s smartest and largest brands to build lifelong relationships with their customers.

A highly decorated industry leader, Sitecore is the leading company bringing together content, commerce, and data into one connected platform that delivers millions of digital experiences every day. Thousands of blue-chip companies including American Express, Porsche, Starbucks, L’Oréal, and Volvo Cars rely on Sitecore to provide more engaging, personalized experiences for their customers. Learn more at Sitecore.com.

Sitecore’s foundation is our diverse group of passionate, smart, innovative, and collaborative individuals located across four continents and over 25 countries. Having a wide range of perspectives, experiences, and skills is what makes us the company we are today. The Sitecore values are what drive and unite us across the globe.

About the role
We are looking for a highly motivated and detail-oriented GRC (Governance, Risk, and Compliance) Analyst to join our team based in Kuala Lumpur. This role will support core GRC functions, assist in maintaining security and compliance programs, and provide direct support to the Sales and Customer Success teams. The GRC Analyst will work closely with two Senior GRC Analysts and the CISO to manage risk assessments, audit preparation, policy compliance, and internal control activities.

Additionally, this role will play a key part in sales enablement by responding to customer security questionnaires, managing service desk tickets related to GRC, and generating reports that support sales operations. This is a hands-on, cross-functional role that requires collaboration across business units and a proactive approach to compliance and customer support.

What You’ll Do:
Governance & Compliance
- Support the implementation and ongoing maintenance of compliance programs aligned with ISO 27001, SOC 2, HIPAA, PCI DSS, GDPR, TISAX, NIST, and other regulatory frameworks
- Assist with drafting, maintaining, and updating policies, procedures, and security controls
- Conduct periodic reviews to identify compliance gaps and support remediation efforts
- Track regulatory changes and align internal controls accordingly
- Assist with internal and external audits by collecting evidence, preparing documentation, and coordinating with relevant teams
- Track audit schedules and maintain audit readiness documentation
- Help conduct risk assessments, maintain the risk register, and follow up on remediation actions
- Monitor and document findings to support GRC risk posture
- Respond to customer security and compliance questionnaires in coordination with the Sales and Security teams
- Manage GRC-related service desk tickets and ensure timely resolution
- Prepare and maintain reporting dashboards and metrics to support Sales and Customer Success teams
- Collaborate with Sales Engineers and Account Managers to ensure alignment on customer security requirements
- Work with teams across Engineering, Legal, Product, Procurement, and Enterprise Technology to support GRC initiatives
- Provide clarity and guidance on security and compliance expectations during project engagements
- Prepare reports and summaries of GRC activities for leadership and stakeholders
- Ensure consistent documentation practices and centralized storage of compliance materials
- Bachelor’s degree in information security, computer science, business, or related field
- 3–5 years of experience in GRC, audit, security operations, or compliance roles
- Familiarity with common compliance frameworks such as ISO 27001, SOC 2, HIPAA, PCI DSS, and GDPR
- Strong organizational skills and attention to detail
- Proficient in Microsoft 365 tools and service management platforms (ServiceNow)
- Prior experience working with Sales or Customer Success teams is a plus
- Experience responding to security questionnaires, and knowledge of RFI and RFP tools like Loopio is highly desirable
- Certifications such as CISA, CRISC, ISO 27001 Lead Implementer/Auditor are a plus
- Based in the Kuala Lumpur office
- Full-time, standard business hours in Malaysia local time zone
- Occasional flexibility required to support global stakeholders and time-sensitive requests
- We are passionate about modern technologies and growing! We are tapping into an exciting $30B market opportunity that is still very much in its infancy, and we feel it’s never been a better time to join Sitecore as we look to grow by 30% YoY. Growth for us means growth for you and your career.
- Great team and company culture! You can find out more about our company culture, a typical day in the Engineering team, and our commitment to creating a diverse and inclusive workplace, on our YouTube Channel. Thanks to the work of every employee globally, Sitecore has been recognized for its award-winning Culture by Comparably.
- Great benefits! We offer a competitive compensation package including a competitive base salary, annual bonus, and strong benefits program.