Job Overview

The GRC analyst plays a supporting role in governance, risk management, and compliance initiatives. They assist in implementing risk management policies, conducting compliance audits, monitoring DIGITAL governance processes, and supporting regulatory reporting. This role is ideal for professionals with foundational experience in risk assessments, security compliance, and IT governance looking to grow into a senior leadership position.

Key Responsibilities

1. DIGITAL Governance & Compliance Support

• Assists in developing DIGITAL governance frameworks, security policies, and compliance checklists.
• Supports risk monitoring, reporting, and documentation of compliance controls.
• Helps ensure adherence to regulatory frameworks such as GDPR, NIST, and ISO 27001.
• Tracks emerging regulatory requirements and their impact on DIGITAL compliance.

2. Risk Management & cyber Security Compliance

• Supports risk assessments and mitigation planning, identifying vulnerabilities in DIGITAL systems.
• Assists in incident response and security risk monitoring.
• Works with cyber security teams to ensure security policies align with compliance mandates.
• Conducts third-party risk assessments, ensuring vendor compliance with security standards.

3. Compliance Audits & Regulatory Reporting

• Assists in internal and external compliance audits, ensuring documentation and reporting meet regulatory standards.
• Supports risk evaluation processes for DIGITAL service providers and business units.
• Prepares reports on risk trends, security incidents, and compliance effectiveness.

4. Collaboration & Communication

• Works closely with legal, security, and DIGITAL teams to ensure consistent risk communication.
• Assists in vendor and partner risk management, ensuring compliance contracts are enforced.
• Supports compliance awareness programs and training initiatives.

5. Policy Development & Training Support

• Assists in developing security and governance policies for DIGITAL and business users.
• Provides input on corporate risk management and governance strategies.
• Contributes to training programs to educate employees on compliance requirements.

Primary Contacts

• GRC leadership, director of digital transformation planning and cyber security teams
• Legal, compliance, and financial risk teams
• Regulatory authorities, external auditors, and risk consultants

Qualifications & Experience

• Education: Bachelor’s degree in IT, Risk Management, Cybersecurity, Law, or a related field.
• Experience:
• 3-5 years of experience in DIGITAL governance, risk management, or compliance.
• Exposure to regulatory frameworks such as ISO 27001, NIST, GDPR, and SOX.
• Skills:
• Strong analytical and problem-solving skills related to DIGITAL compliance.
• Basic understanding of risk assessment frameworks, security audits, and compliance reporting.
• Strong communication skills, with the ability to engage DIGITAL and business stakeholders.
• Proactive and adaptable mindset, focused on learning and contributing to risk management strategies.