Cybersecurity GRC Tool Analyst

Canada Employment contract 97600.00 - 181000.00 CAD / Year · Job Posted November 11, 2025

Job Description

The Cybersecurity GRC Tool Analyst will analyse the technology requirements of the various functions and processes within the team. This includes administration, feature analysis and enhancements, analysis of integrations with related upstream and downstream systems, analysis of data migration, creation of metrics and dashboards, etc. The role will also focus on a strategic solution (including automation and AI), ensuring the GRC platform effectively supports cybersecurity governance and risk management processes across the organization.

Job Responsibility

  • Administer and maintain the GRC platform, including configurations, workflows, and reporting dashboards
  • Support the integration of the GRC tool with key enterprise systems (e.g., asset inventory, ticketing systems, vulnerability management tools)
  • Collaborate with cybersecurity, policy, risk, compliance, and IT teams to capture business requirements and translate them into functional tool capabilities
  • Assist in onboarding and managing control frameworks (e.g., ISO 27001, SOC 2, NIST CSF, FedRAMP) within the platform
  • Monitor data quality, ensure accurate reporting, and maintain platform integrity
  • Support control owners and stakeholders in using the GRC platform for assessments, evidence collection, and tracking remediation activities
  • Maintain user roles and permissions, ensuring proper access management
  • Document processes, workflows, and platform configurations
  • Provide training and guidance to end users on tool functionality and best practices
  • Coordinate with tool vendors for issue resolution, upgrades, and enhancements

Requirements

  • Bachelor's degree in Information Security, Information Technology, Risk Management or a related field, or equivalent experience
  • CISSP, ISO 27001 Lead Implementer, or similar certification
  • GRC platform certifications (e.g., Archer Certified Professional, ServiceNow GRC, Drata Admin, OneTrust Certified)
  • ITIL Foundation (a plus)
  • 5-7 years of experience in Information Security, IT Governance, or Risk Management
  • 5+ years of experience working with GRC platforms (e.g., Archer, ServiceNow GRC, AuditBoard, Drata, OneTrust, or similar)
  • Expert at working with Governance Risk & Compliance platforms
  • Strong understanding of cybersecurity and compliance frameworks (e.g., NIST CSF, ISO 27001)
  • Experience with basic integrations and workflow configurations
  • Strong organizational skills and attention to detail
  • Ability to work effectively with technical and non-technical stakeholders
  • Excellent documentation, communication, and problem-solving skills

Nice to have

ITIL Foundation

What we offer

  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing

Similar Jobs for Cybersecurity GRC Tool Analyst

8 matching positions

Cybersecurity Analyst

We are looking for a Cybersecurity Analyst to support vulnerability management, ...
Location: United States, Jacksonville
Salary: Not provided
Company: Robert Half
Expiration Date: Until further notice
Requirements
  • 3+ years of cybersecurity experience
  • Experience with vulnerability management tools
  • Knowledge of security frameworks and best practices
  • Strong analytical and documentation skills
Job Responsibility
  • Perform vulnerability assessments and remediation tracking
  • Review security findings and recommend corrective actions
  • Support security governance and compliance efforts
  • Investigate security events and incidents
  • Collaborate with infrastructure and development teams
  • Maintain security documentation and reporting metrics
What we offer
  • Medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan

Senior Analyst, Cybersecurity Compliance

The Cybersecurity Compliance – Information Lifecycle Management (ILM), Export & ...
Location: United States, Austin, Texas; Warren, Michigan
Salary: Not provided
Company: General Motors
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Information Technology, Risk Management, or a related field
  • Minimum 7 years of experience in cybersecurity, GRC, risk management, audit, or related compliance roles, preferably in a large, global organization
  • Demonstrated experience with cybersecurity risk and compliance frameworks (e.g., NIST CSF, NIST 800‑53, ISO 27001, CIS) and enterprise risk/compliance frameworks (e.g., FAIR, ERM, COSO)
  • Familiarity with legal and regulatory requirements impacting cybersecurity, data, and export controls (e.g., SOX, PCI‑DSS, GDPR, CCPA, export regulations, records/retention requirements)
  • Understanding of incident response, vulnerability management, and business continuity processes and how they intersect with compliance obligations
  • Experience managing or supporting GRC software tools and platforms (preferably ServiceNow IRM), including workflows, control libraries, and reporting
  • Excellent communication, presentation, and interpersonal skills; able to translate technical compliance topics into concise, executive‑ready messages
  • Proven ability to manage multiple complex initiatives, prioritize effectively, and work both independently and collaboratively in a matrixed environment
Job Responsibility
  • Implement and maintain a comprehensive cybersecurity compliance program for ILM, Export, and BCP that is aligned to the NIST Cybersecurity Framework (NIST CSF)
  • Conduct regular compliance assessments of ILM, Export, and BCP controls, evaluating inherent and residual risk across these domains
  • Analyze and prioritize identified issues based on compliance impact and likelihood; recommend risk treatment strategies and control enhancements
  • Monitor and track mitigation activities to closure, assessing impacts to residual compliance risk and recommending adjustments to the unified control set
  • Design, operate, and continuously improve the ILM control framework, ensuring alignment with corporate ILM policy, data classification standards, retention schedules, and privacy requirements
  • Define and document control requirements for data creation, classification, retention, archival, and destruction across key systems and repositories
  • Establish and manage ILM attestation processes with ILM Coordinators, application owners, and business stakeholders to confirm control design and operating effectiveness
  • Partner with Legal, Privacy, and Records Management to ensure ILM controls support litigation hold, regulatory, and privacy obligations
  • Translate Export Control policy and regulatory obligations into practical, testable controls across IT and Cyber environments
Employment type: Fulltime

IT GRC Analyst

We are partnering with a growing IT team in Austin to hire a dedicated IT GRC An...
Location: United States, Austin
Salary: Not provided
Company: Robert Half
Expiration Date: Until further notice
Requirements
  • Minimum of 3 years of experience in IT governance, risk management, and compliance
  • Proficiency in NIST frameworks and cybersecurity compliance practices
  • Experience with Service Organization Control (SOC) reporting and auditing
  • Strong analytical skills and attention to detail in evaluating systems and processes
  • Ability to manage multiple projects and prioritize tasks effectively
  • Excellent verbal and written communication skills for reporting and collaboration
  • Familiarity with risk management tools and methodologies
  • Bachelor’s degree in Information Technology, Computer Science, or a related field
Job Responsibility
  • Develop and implement governance frameworks to ensure alignment with NIST and other cybersecurity standards
  • Conduct regular assessments to monitor compliance with Service Organization Control (SOC) requirements
  • Collaborate with cross-functional teams to identify risks and propose mitigation strategies
  • Create detailed reports on compliance performance and recommend process improvements
  • Maintain documentation of cybersecurity policies and procedures for audit readiness
  • Monitor and evaluate data systems to identify vulnerabilities and ensure adherence to security protocols
  • Provide guidance and training to team members on governance and compliance best practices
  • Participate in audits and respond to inquiries related to cybersecurity compliance
  • Research and stay updated on industry trends to enhance governance strategies
  • Support the integration of new technologies while maintaining compliance with established standards
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
Employment type: Fulltime

Senior GRC Analyst

We are seeking an experienced Senior Governance, Risk, and Compliance (GRC) Anal...
Location: United States, Chapel Hill
Salary: Not provided
Company: Blume Global
Expiration Date: Until further notice
Requirements
  • 5+ years of hands-on experience in GRC, preferably with a focus on acquisition integration
  • Strong knowledge of regulatory compliance requirements, risk management frameworks, including ISO 27001, NIST
  • Experience with SOC1/2, GDPR, and privacy frameworks
  • Proficiency in information security tools, techniques, and controls
  • Experience with metrics and KPIs to measure and track information security risk
  • Ability to develop policies, standards, and guidelines
  • ISO27001:2022 Lead Implementer and lead auditor certifications are a must
  • CISA, CISM, CISSP, or CRISC certifications are desirable
  • Experience with GRC tools, such as Vanta, Archer, ServiceNow Risk modules is highly desirable
  • Exposure to CMMC/FedRAMP is highly desirable
Job Responsibility
  • Acquisition Assessment: Collaborate with cross-functional teams to assess the GRC landscape of newly acquired companies, identifying gaps and alignment opportunities
  • Integration Planning: Develop comprehensive integration plans tailored to each acquisition, ensuring alignment with the company's overarching GRC strategy
  • Risk Management: Evaluate and mitigate risks associated with integration processes, working closely with risk management teams
  • Policy and Procedure Harmonization: Bridge gaps between existing practices and those of acquired entities, harmonizing policies, procedures, and controls
  • Communication and Stakeholder Management: Effectively communicate integration plans and progress, fostering strong relationships with key stakeholders
  • Reporting and Documentation: Maintain accurate documentation of integration activities and generate insightful reports for senior management
  • Continuous Improvement: Identify areas for improvement and drive enhancements to the integration process
  • Customer Security Questionnaire Support: Collaborate with various teams to ensure accurate and comprehensive responses to customer security questionnaires

Senior GRC Analyst

We are seeking an experienced Senior Governance, Risk, and Compliance (GRC) Anal...
Location: United Kingdom, London
Salary: Not provided
Company: Blume Global
Expiration Date: Until further notice
Requirements
  • 5+ years of hands-on experience in GRC, preferably with a focus on acquisition integration
  • Strong knowledge of regulatory compliance requirements, risk management frameworks, including ISO 27001, NIST
  • Experience with SOC1/2, GDPR, and privacy frameworks
  • Proficiency in information security tools, techniques, and controls
  • Experience with metrics and KPIs to measure and track information security risk
  • Ability to develop policies, standards, and guidelines
  • ISO27001:2022 Lead Implementer and lead auditor certifications are a must
  • CISA, CISM, CISSP, or CRISC certifications are desirable
  • Experience with GRC tools, such as Vanta, Archer, ServiceNow Risk modules is highly desirable
  • Exceptional communication and interpersonal skills
Job Responsibility
  • Acquisition Assessment: Collaborate with cross-functional teams to assess the GRC landscape of newly acquired companies, identifying gaps and alignment opportunities
  • Integration Planning: Develop comprehensive integration plans tailored to each acquisition, ensuring alignment with the company's overarching GRC strategy
  • Risk Management: Evaluate and mitigate risks associated with integration processes, working closely with risk management teams
  • Policy and Procedure Harmonization: Bridge gaps between existing practices and those of acquired entities, harmonizing policies, procedures, and controls
  • Communication and Stakeholder Management: Effectively communicate integration plans and progress, fostering strong relationships with key stakeholders
  • Reporting and Documentation: Maintain accurate documentation of integration activities and generate insightful reports for senior management
  • Continuous Improvement: Identify areas for improvement and drive enhancements to the integration process
  • Customer Security Questionnaire Support: Collaborate with various teams to ensure accurate and comprehensive responses to customer security questionnaires

Senior GRC Analyst

We are seeking an experienced Senior Governance, Risk, and Compliance (GRC) Anal...
Location: United States, Chicago
Salary: 90000.00 - 130000.00 USD / Year
Company: Blume Global
Expiration Date: Until further notice
Requirements
  • 5+ years of hands-on experience in GRC, preferably with a focus on acquisition integration
  • Strong knowledge of regulatory compliance requirements, risk management frameworks, including ISO 27001, NIST
  • Experience with SOC1/2, GDPR, and privacy frameworks
  • Proficiency in information security tools, techniques, and controls
  • Experience with metrics and KPIs to measure and track information security risk
  • Ability to develop policies, standards, and guidelines
  • ISO27001:2022 Lead Implementer and lead auditor certifications are a must
  • CISA, CISM, CISSP, or CRISC certifications are desirable
  • Experience with GRC tools, such as Vanta, Archer, ServiceNow Risk modules is highly desirable
  • Exposure to CMMC/FedRAMP is highly desirable
Job Responsibility
  • Acquisition Assessment: Collaborate with cross-functional teams to assess the GRC landscape of newly acquired companies, identifying gaps and alignment opportunities
  • Integration Planning: Develop comprehensive integration plans tailored to each acquisition, ensuring alignment with the company's overarching GRC strategy
  • Risk Management: Evaluate and mitigate risks associated with integration processes, working closely with risk management teams
  • Policy and Procedure Harmonization: Bridge gaps between existing practices and those of acquired entities, harmonizing policies, procedures, and controls
  • Communication and Stakeholder Management: Effectively communicate integration plans and progress, fostering strong relationships with key stakeholders
  • Reporting and Documentation: Maintain accurate documentation of integration activities and generate insightful reports for senior management
  • Continuous Improvement: Identify areas for improvement and drive enhancements to the integration process
  • Customer Security Questionnaire Support: Collaborate with various teams to ensure accurate and comprehensive responses to customer security questionnaires
Employment type: Fulltime

GRC Analyst – Public Sector

Socure is seeking an Analyst, GRC – Public Sector to execute and enhance the com...
Location: United States
Salary: 95000.00 - 115000.00 USD / Year
Company: Socure
Expiration Date: Until further notice
Requirements
  • 5+ years of cybersecurity or identity management experience, including 1+ year in the public sector
  • Direct experience with FedRAMP, GovRAMP, and NIST frameworks (800-53, 800-63, 800-171)
  • Proven ability to manage continuous monitoring, vulnerability remediation, and compliance reporting
  • Experience using AI tools (e.g., ChatGPT, Glean, Gemini) and machine-readable formats (e.g., OSCAL) to automate and streamline compliance processes
  • Strong communication, organization, and collaboration skills with the ability to manage multiple priorities
  • Ability to adapt to changing requirements
  • Must be a U.S. Person (U.S. Citizens or U.S. Permanent Residents) residing in the United States and be able to obtain a U.S. OPM NACI clearance
Job Responsibility
  • Day-to-day coordination and execution of external Third Party Assessment Organization (3PAO) assessments and responding to auditor requests for evidence and documentation
  • Maintain and update FedRAMP and GovRAMP controls and documentation in alignment with organizational and regulatory requirements
  • Prepare certification and authorization packages and maintain related documentation such as the System Security Plan (SSP) and associated appendices
  • Lead the day-to-day FedRAMP continuous monitoring process including vulnerability management lifecycle
  • Coordinate recurring continuous monitoring compliance activities such as access reviews, incident response exercises, and contingency plan testing
  • Oversee access controls for FedRAMP environments
  • Design, implement and deliver FedRAMP training programs
  • Create and manage automated workflows to improve efficiency
  • Maintain compliance evidence repositories
  • Conduct internal reviews of logged events and control activities
What we offer
  • Equity
  • Comprehensive benefits
  • Annual discretionary performance bonus or commissions plans
Employment type: Fulltime

GRC Analyst

A GRC Analyst within the Cyber Governance, Risk, and Compliance (GRC) team is a ...
Location: United States, Las Vegas; Austin
Salary: 119932.00 - 222732.00 USD / Year
Company: Aristocrat Gaming
Expiration Date: Until further notice
Requirements
  • Master’s degree and 2 years of experience in cybersecurity field
  • University / bachelor’s degree and 4 years’ experience in cybersecurity field
  • Associate’s degree and 8 years' experience in cybersecurity field
  • Experience in Learning and Development or Communications is a plus
  • Experience in policy management lifecycle management from creation to communication to delivery
  • Working knowledge of cybersecurity awareness training terminology such as phishing, smishing, ransomware, etc.
  • Experience designing and deploying corporate-level awareness programs
  • Ability to create and deliver on strategic needs for awareness and training program
  • Experience in using Artificial Intelligence (AI) tools to create, refine, personalize, and deliver training content
  • Comprehensive and effective communication skills
Job Responsibility
  • Maintain and continuously improve the cybersecurity Policies Program
  • Process and assess risk exceptions to Aristocrat Security Policies, Standards, and Technical Security Requirements
  • Manage and advance a Security Awareness and Training Program
  • Continuously deliver maturity enhancements to the Security Awareness program using AI tools
  • Create role-based training curriculum across the organization focusing on the protection of resources and data
What we offer
  • health, dental, and vision insurance
  • paid time off
  • 401(k) plan with employer matching
Employment type: Fulltime