Compliance Analyst

Role Overview

As part of the Information Security function, the Compliance Analyst plays a critical role in ensuring compliance with cybersecurity standards and regulatory requirements, across H&MV s global network. Reporting to the Information Security Coordinator, this position supports governance, risk, and compliance (GRC) activities across H&MVs jurisdictions, helping to strengthen security posture and mitigate risks for critical infrastructure systems.

Working closely with cross-functional teams, the Compliance Analyst will help embed cybersecurity best practices into both Operational Technology (OT) and Information Technology (IT) environments. The role involves working with leading frameworks such as IEC 62443, ISO 27001, NIST Cybersecurity Framework (CSF), and NIS 2 Directive.

What You ll Do

• Support Cybersecurity Compliance: Implement and monitor compliance programs in H&MV environments, ensuring adherence to NIST CSF and other applicable regulations.
• Audit & Evidence Management: Coordinate internal and external audits for systems, facilitate evidence collection, and manage remediation of findings.
• Cross-Functional Collaboration: Work closely with engineering, operations, and security teams to identify risks and ensure accurate records are maintained.
• Policy & Standards Alignment: Ensure engineering processes align with cybersecurity best practices and regulatory requirements (NIS 2, IEC 62443, ISO 27001, NIST).
• Risk Assessment Support: Contribute to the identification, documentation, and tracking of cybersecurity risks, supporting the development of mitigation strategies.
• Administration Support: Assist teams with adopting and maintaining enterprise GRC software, generate reports and analysis, and coordinate stakeholder requests and responses as needed.
• Training & Awareness: Assist in delivering of cybersecurity and compliance training programs to enhance awareness and promote a culture of security across the organization
• Continuous Improvement: Stay updated on evolving cybersecurity threats, compliance obligations, and industry standards.

About You

• Experience: Bachelor s degree in Information Technology, Computer Science, with an interest in cybersecurity and risk management
• Technical Understanding: Strong grasp of IT systems and data security, and Security technologies.
• Communication Skills: Excellent interpersonal skills and a desire to work within a growing internation organisation.
• Adaptability: Demonstrated commitment to continuous learning and development within a dynamic, international organization

• Collaborative Mindset: Comfortable working across departments and engaging with both technical and non-technical stakeholders.

**H&MV Engineering is an equal opportunity employer**