GRC Analyst

Company Description

Mithra Consulting is dedicated to enhancing organizations' application and network/infrastructure security, with a focus on SaaS applications across diverse sectors, including fintech, healthcare, HR, CRM, ERP, and manufacturing. Our mission is to safeguard digital assets, build trust with customers, and protect brand reputation. We deliver comprehensive security solutions that uphold the integrity of resource planning systems, client management platforms, and modern cloud infrastructures. With a commitment to robust defense, Mithra Consulting empowers organizations to securely navigate today's evolving digital world.

Role Description

This is a full-time on site role for a GRC (Governance, Risk, and Compliance) Analyst. The GRC Analyst will be responsible for analyzing, implementing, and maintaining risk and compliance frameworks to ensure proper organisational governance. Key responsibilities include conducting risk assessments, designing controls, monitoring regulatory compliance requirements, managing internal audits, and reporting to stakeholders. Additional duties include developing policies, identifying vulnerabilities, and proposing actionable improvements to mitigate risks.

Location:

Qualifications

• Understanding of governance, risk management, and compliance frameworks, such as ISO 27001, SOC 2, or NIST.
• Experience with conducting risk assessments, developing risk mitigation plans, and implementing relevant controls.
• Knowledge of regulatory compliance standards, such as GDPR, HIPAA, or CCPA.
• Familiarity with auditing processes, report creation, and working with cross-functional teams to ensure compliance.
• Strong analytical thinking, problem-solving skills, and attention to detail.
• Proficient communication and documentation skills to effectively report on findings and recommend solutions.
• Ability to work independently in a remote environment while managing deadlines effectively.
• Preferable qualification: a bachelor's degree in Information Security, Risk Management, or a related field.
• Certifications such as CISSP, CISA, or CRISC would be an advantage.