GRC Analyst

Tasks

• Coordinate with external auditors
• Follow up on remediation actions
• Handle policy exceptions
• Maintain continuous compliance documentation and visibility
• Maintain continuous evidence collection
• Maintain policy lifecycle updates
• Manage audit readiness activities
• Manage vendor risk assessments
• Monitor controls continuously
• Operationalize controls with engineering and security teams
• Respond to security questionnaires
• Support GDPR compliance
• Support ISO 27001 compliance
• Support PCI-DSS compliance
• Support enterprise risk and compliance programs
• Support security awareness initiatives
• Track policy violations

Perks/Benefits

• Annual retreats
• Co-working spaces access
• Flexible time off
• Fully remote
• Global team gatherings
• High-quality equipment
• Home office setup support
• Learning and development budget
• Private medical insurance
• Workations

Skills/Tech-stack

AI Act | Access Management | Access reviews | Audit Readiness | Compliance Management | Continuous Control Monitoring | Continuous control | Control monitoring | DORA | Drata | EU AI | EU AI Act | Evidence management | GDPR | GRC | GRC platforms | ISO 27001 | Identity and Access Management | Identity and access | NIS2 | OneTrust | PCI DSS | Policy Management | RFP Response | Risk Assessment | Risk Management | SOC 2 | Security Questionnaires | Security assurance | Security awareness | Third Party | Third-Party Risk | Third-party risk management | Vanta | Vendor Risk | Vendor Risk Assessment | Vulnerability Management