GRC Analyst (U.S. Time Zone Support)
Malaysia
Sitecore
Sitecore offers an industry-leading digital experience platform that allows brands to create, build, manage, and deliver standout content along every touchpoint of the customer journey.
Job Title: GRC Analyst (U.S. Time Zone Support)
Location: Based in KL
Time Zone: U.S. Central or Eastern Time Zone (Full Coverage Required)

About Us:
At Sitecore, our mission is to simplify how brands reach, engage, and serve people by delivering intelligent, personalised digital experiences that connect the world. We empower the world’s most iconic brands to build lifelong relationships with their customers—seamlessly, smartly, and at scale.

As the leading provider of agentic digital experience software, Sitecore brings together content, commerce, and data into one composable platform that enables brands to deliver millions of meaningful, adaptive experiences every day. Trusted by global leaders such as American Express, Porsche, Starbucks, and L’Oréal, Sitecore helps brands transform engagement through experiences that are not only personalised but predictive and dynamic.

Our foundation is our people—a diverse, passionate, and collaborative global team spanning over 25 countries. We believe that every experience matters, and that belief starts with how we work together. Our values—empathy, accountability, clarity, and growth—guide how we lead, innovate, and connect. They are the behaviors that bring our mission and vision to life, every day, in every interaction. Learn more at Sitecore.com

About the Role / The Opportunity:
We are looking for a detail-oriented and proactive GRC (Governance, Risk, and Compliance) Analyst to join our team. This role will be based in Kuala Lumpur and will support operations aligned with U.S. Central or Eastern time zones. The GRC Analyst will work closely with and support the GRC Manager and the CISO, contributing to the day-to-day execution of compliance programs, audit preparation, risk assessments, and overall security governance efforts. This is a hands-on role, ideal for someone who thrives in a collaborative, fast-paced environment and is passionate about security, compliance, and risk management.

What You’ll Do:
Governance & Compliance
- Support the implementation and maintenance of compliance programs aligned with frameworks such as ISO 27001, SOC 2, HIPAA, PCI DSS, GDPR, TISAX, NIST, and IRAP.
- Assist in maintaining and updating security policies, procedures, and controls to ensure alignment with regulatory requirements.
- Conduct compliance reviews to identify gaps and assist in defining remediation actions.
- Monitor changes in regulatory requirements and provide input into compliance strategy and updates.
- Collaborate with internal stakeholders to coordinate audit-related activities, including evidence collection, documentation preparation, and status reporting.
- Maintain audit calendars, track deliverables, and ensure readiness for internal and external audits.
- Support periodic risk assessments, helping to identify, document, and track technology and process risks.
- Maintain the risk and findings register, ensuring items are regularly updated and monitored for progress.
- Work closely with teams across Engineering, Product, Legal, Procurement, and Enterprise Technology to support compliance initiatives and ensure timely completion of action items.
- Provide ongoing support and clarity to teams on compliance tasks and expectations.
- Assist in preparing and delivering status reports, dashboards, and metrics on GRC activities for leadership and stakeholders.
- Ensure that compliance documentation is consistently updated and centrally stored (e.g., SharePoint, Confluence).
- Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
- Familiarity with industry standards and frameworks such as ISO 27001, SOC 2, HIPAA, GDPR, PCI DSS, NIST, and others.
- 3-5 years of experience in a GRC, risk management, audit support, or compliance role in a technology-driven environment.
- Strong attention to detail, organizational skills, and ability to manage multiple tasks.
- Experience working across global teams and time zones is a plus.
- Certifications such as CISA, CRISC, or ISO 27001 Lead Implementer/Auditor are a plus.
- Comfortable using Microsoft 365 tools (e.g., Outlook, Teams, Excel, SharePoint) and collaboration platforms.