Job Details
Job Title: GRC Analyst
Location: Remote (EST hours in USA)
Duration: 6+ months
Purpose: The GRC Analyst will play a critical role in supporting the organization’s compliance and risk management programs. This position is responsible for assessing third-party risks, maintaining the enterprise risk register, collecting audit evidence, and promoting adherence to compliance standards.
Responsibilities/Essential Job Functions
• Third-Party Risk Assessments
  ◦ Conduct risk assessments for vendors, partners, and other third parties.
  ◦ Evaluate security, privacy, and compliance controls against organizational standards.
• Risk Register Management
  ◦ Maintain and update the organizational risk register.
  ◦ Track mitigation plans and monitor risk status across business units.
• Audit Support
  ◦ Collect and organize evidence for audits (including PCI and SOX).
  ◦ Collaborate with stakeholders to ensure timely and accurate documentation.
• Privacy Compliance Support
  ◦ Apply fundamental knowledge of U.S. or EU privacy laws (e.g., CCPA, GDPR).
  ◦ Assist in privacy impact assessments and data protection reviews as needed.
Requirements and Qualifications:
Skills:
• Strong communication skills for cross-functional collaboration.
• Excellent communication skills for cross-functional collaboration.
Knowledge:
• Familiarity with regulatory frameworks such as PCI DSS, SOX, and privacy regulations (GDPR, CCPA).
Experience:
• 2+ years of experience in compliance, risk management, or audit support.