This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
We are seeking a versatile Governance, Risk, and Compliance (GRC) Cybersecurity Analyst to lead the assessment and oversight of business policies, procedures, and operations. This role is responsible for ensuring the organization meets internal requirements and government regulations for the protection of information. The ideal candidate is a smart, humble GRC professional who can evaluate risk, understand technology, and communicate effectively across governance, risk, and compliance functions.
Job Responsibility
Independently assess risk, deviation requests, compensating controls, and business impacts
Serve as a primary point of contact for complex cybersecurity and compliance inquiries
Lead the development, review, and maintenance of enterprise-wide security policies, standards, and procedures
Conduct information technology risk assessments for systems, software, and architectures
Validate security control implementation to ensure compliance with frameworks such as NIST, DFARS, and CMMC
Lead or coordinate activities related to audits, assessments, and regulatory reviews
Mentor junior and mid-level GRC analysts, providing guidance on best practices and professional development
Interpret and apply laws, regulations, standards, and industry best practices
Requirements
Education: Bachelor’s degree in cybersecurity, information security, or a related field is preferred. An Associate's degree with 7+ years of relevant hands-on experience is also acceptable.
Experience: 5+ years of progressive GRC experience, including leading or owning GRC initiatives. Broad exposure across governance, risk management, and compliance functions is required.
Strong understanding of Windows, Linux, MacOS, VMs, containers, infrastructure, and security concepts.
Demonstrated experience with vulnerability management processes and tools.
Advanced experience with data analysis and reporting in Excel.
Proven ability to write policies, documentation, and communicate technical concepts to non-technical audiences.
Experience with compliance frameworks such as NIST 800-171, PCI, ISO 27001, HIPAA, or SOC.
One or more intermediate or advanced cybersecurity/GRC certifications (e.g., CISSP, CISM, CISA).
Nice to have
Master’s degree in a related field
Deep understanding of cybersecurity frameworks like NIST 800-53/171, CMMC, and MITRE ATT&CK
Demonstrated experience leading audit, assessment, or certification efforts
Proficiency with Atlassian Confluence and Jira
What we offer
Medical
Dental
Vision
Life insurance
Disability insurance
ESPP (employee stock purchase program)
401K program with company match after 12 months of tenure
HSA (Health Savings Account on the HDHP plan)
SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions
Corporate discount savings program
On-demand training program
Access to certification prep and library of technical and leadership courses/books/seminars after 6+ months of tenure
Certification discounts and other perks to associations including CompTIA and IIBA