ANALYST GRC

Maintain and enhance the organizations Information Security & Compliance frameworks (ISO 27001, SOC2, GDPR, etc.)

Perform risk assessments, maintain risk registers, track remediation plans, and generate risk reports for stakeholders.

Support internal and external audits by coordinating evidence collection and control testing.

Assist in developing, reviewing, and maintaining security policies, standards, and procedures.

Conduct third-party/vendor risk assessments and ensure contractual compliance requirements.

Monitor regulatory and industry compliance requirements and ensure alignment with business operations.

Coordinate with cross-functional teams (IT, Legal, Engineering, HR, Finance) for control implementation and compliance readiness.

Use GRC tools/platforms for workflow automation, documentation, and reporting.