GRC Analyst (U.S. Time Zone Support)
Malaysia
Sitecore
Sitecore offers an industry-leading digital experience platform that allows brands to create, build, manage, and deliver standout content along every touchpoint of the customer journey.
Job Title: GRC Analyst (U.S. Time Zone Support)
Location: Based in KL
Time Zone: U.S. Central or Eastern Time Zone (Full Coverage Required) About Us: At Sitecore, our mission is to simplify how brands reach, engage, and serve people by delivering intelligent, personalised digital experiences that connect the world. We empower the world’s most iconic brands to build lifelong relationships with their customers—seamlessly, smartly, and at scale. As the leading provider of agentic digital experience software, Sitecore brings together content, commerce, and data into one composable platform that enables brands to deliver millions of meaningful, adaptive experiences every day. Trusted by global leaders such as American Express, Porsche, Starbucks, and L’Oréal, Sitecore helps brands transform engagement through experiences that are not only personalised but predictive and dynamic. Our foundation is our people—a diverse, passionate, and collaborative global team spanning over 25 countries. We believe that every experience matters, and that belief starts with how we work together. Our values—empathy, accountability, clarity, and growth—guide how we lead, innovate, and connect. They are the behavior's that bring our mission and vision to life, every day, in every interaction. Learn more at Sitecore.com About the Role/ The Opportunity: We are looking for a detail-oriented and proactive GRC (Governance, Risk, and Compliance) Analyst to join our team. This role will be based in Kuala Lumpur and will support operations aligned with U.S. Central or Eastern time zones. The GRC Analyst will work closely with and support GRC Manager and the CISO, contributing to the day-to-day execution of compliance programs, audit preparation, risk assessments, and overall security governance efforts. This is a hands-on role, ideal for someone who thrives in a collaborative, fast-paced environment and is passionate about security, compliance, and risk management. What You’ll Do: Governance & Compliance
Location: Based in KL
Time Zone: U.S. Central or Eastern Time Zone (Full Coverage Required) About Us: At Sitecore, our mission is to simplify how brands reach, engage, and serve people by delivering intelligent, personalised digital experiences that connect the world. We empower the world’s most iconic brands to build lifelong relationships with their customers—seamlessly, smartly, and at scale. As the leading provider of agentic digital experience software, Sitecore brings together content, commerce, and data into one composable platform that enables brands to deliver millions of meaningful, adaptive experiences every day. Trusted by global leaders such as American Express, Porsche, Starbucks, and L’Oréal, Sitecore helps brands transform engagement through experiences that are not only personalised but predictive and dynamic. Our foundation is our people—a diverse, passionate, and collaborative global team spanning over 25 countries. We believe that every experience matters, and that belief starts with how we work together. Our values—empathy, accountability, clarity, and growth—guide how we lead, innovate, and connect. They are the behavior's that bring our mission and vision to life, every day, in every interaction. Learn more at Sitecore.com About the Role/ The Opportunity: We are looking for a detail-oriented and proactive GRC (Governance, Risk, and Compliance) Analyst to join our team. This role will be based in Kuala Lumpur and will support operations aligned with U.S. Central or Eastern time zones. The GRC Analyst will work closely with and support GRC Manager and the CISO, contributing to the day-to-day execution of compliance programs, audit preparation, risk assessments, and overall security governance efforts. This is a hands-on role, ideal for someone who thrives in a collaborative, fast-paced environment and is passionate about security, compliance, and risk management. What You’ll Do: Governance & Compliance
- Support the implementation and maintenance of compliance programs aligned with frameworks such as ISO 27001, SOC 2, HIPAA, PCI DSS, GDPR, TISAX, NIST, and IRAP.
- Assist in maintaining and updating security policies, procedures, and controls to ensure alignment with regulatory requirements.
- Conduct compliance reviews to identify gaps and assist in defining remediation actions.
- Monitor changes in regulatory requirements and provide input into compliance strategy and updates.
- Collaborate with internal stakeholders to coordinate audit-related activities, including evidence collection, documentation preparation, and status reporting.
- Maintain audit calendars, track deliverables, and ensure readiness for internal and external audits.
- Support periodic risk assessments, helping to identify, document, and track technology and process risks.
- Maintain the risk and findings register, ensuring items are regularly updated and monitored for progress.
- Work closely with teams across Engineering, Product, Legal, Procurement, and Enterprise Technology to support compliance initiatives and ensure timely completion of action items.
- Provide ongoing support and clarity to teams on compliance tasks and expectations.
- Assist in preparing and delivering status reports, dashboards, and metrics on GRC activities for leadership and stakeholders.
- Ensure that compliance documentation is consistently updated and centrally stored (e.g., SharePoint, Confluence).
- Bachelor’s degree in information technology, Cybersecurity, or a related field.
- Familiarity with industry standards and frameworks such as ISO 27001, SOC 2, HIPAA, GDPR, PCI DSS, NIST, and others.
- 3-5 years of experience in a GRC, risk management, audit support, or compliance role in a technology-driven environment.
- Strong attention to detail, organizational skills, and ability to manage multiple tasks.
- Experience working across global teams and time zones is a plus.
- Certifications such as CISA, CRISC, or ISO 27001 Lead Implementer/Auditor are a plus.
- Comfortable using Microsoft 365 tools (e.g., Outlook, Teams, Excel, SharePoint) and collaboration platforms.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
8
2
0
Categories:
Analyst Jobs
Compliance Jobs
Tags: Audits CISA CISO Compliance Confluence CRISC GDPR Governance HIPAA ISO 27001 NIST PCI DSS Risk assessment Risk management SharePoint SOC SOC 2 Strategy TISAX
Region:
Asia/Pacific
Country:
Malaysia
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information System Security Officer jobsIT Security Analyst jobsSecurity Operations Engineer jobsSenior Cybersecurity Engineer jobsSenior Cloud Security Engineer jobsSenior Security Analyst jobsSenior Information Security Analyst jobsCyber Security Specialist jobsInformation Security Manager jobsSenior Product Security Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsSenior Information Security Engineer jobsInformation System Security Officer (ISSO) jobsChief Information Security Officer jobsInformation Systems Security Engineer jobsSecurity Specialist jobsSenior Cyber Security Engineer jobsIT Security Engineer jobsCyber Threat Intelligence Analyst jobsSecurity Operations Analyst jobsSenior Software Engineer jobsSenior IT Auditor jobsCybersecurity Specialist jobsNetwork Engineer jobs
Bash jobsCEH jobsTS/SCI jobsEncryption jobsEDR jobsSDLC jobsSplunk jobsThreat detection jobsMalware jobsRMF jobsTerraform jobsFinance jobsIDS jobsSQL jobsTop Secret jobsCompTIA jobsForensics jobsITIL jobsIPS jobsSOC 2 jobsOWASP jobsActive Directory jobsDocker jobsClearance Required jobsGIAC jobs
CRISC jobsIntrusion detection jobsTCP/IP jobsOSCP jobsAnsible jobsHIPAA jobsVPN jobsMITRE ATT&CK jobsDoDD 8570 jobsZero Trust jobsData Analytics jobsJavaScript jobsSOAR jobsCCSP jobsSOX jobsBanking jobsIT infrastructure jobsJira jobsUNIX jobsDNS jobsIndustrial jobsNIST 800-53 jobsKPIs jobsCISO jobsMachine Learning jobs