GRC Analyst

India, Pune · Job Posted March 25, 2026

Job Description

We are looking for a proactive and analytical GRC Analyst to join our CISO team. In this position, you will play a key role in advancing our risk management program by identifying, assessing, monitoring, and reporting organizational risks across technology, product, operational, and third-party domains. The analyst will collaborate with cross-functional stakeholders to ensure effective risk mitigation strategies, strong governance practices, and alignment with regulatory and industry standards. This role also includes translating technical and operational risks into business impact to support informed decision-making by senior leadership. You will support internal and external audits (SOC 2 Type II, ISO 27001), contribute to continuous control monitoring efforts, and promote a culture of risk ownership and security awareness across the organization.

Job Responsibility

  • Maintain and continuously improve the Enterprise Risk Management framework
  • Facilitate enterprise-wide risk assessments across business units
  • Develop and maintain risk taxonomy, scoring methodology, and risk registers
  • Define and monitor Key Risk Indicators (KRIs) and risk metrics
  • Conduct control effectiveness reviews in partnership with control owners
  • Support risk assessments related to cloud, SaaS, AI, and emerging technologies
  • Ensure compliance with relevant laws, regulations, and standards (e.g., SOC 2, ISO 27001, NIST, GDPR)
  • Support internal and external audits, including evidence collection, documentation preparation, and stakeholder coordination
  • Collaborate with cross-functional teams, including Legal, Procurement, R&D, and IT, to address GRC-related matters
  • Assist in the continuous improvement of GRC programs and initiatives
  • Contribute to automation and optimization of GRC tooling and workflows
  • Promote a culture of security, compliance, and risk awareness

Requirements

  • Bachelor’s degree in Information Security, Computer Science, Risk Management, or related field
  • 2+ years of experience in GRC, enterprise risk management, or information security roles
  • Experience supporting SOC 2 and/or ISO 27001 audits
  • Working knowledge of privacy regulations and information security frameworks (e.g., NIST, CIS, ISO 27001, GDPR)
  • Experience with GRC platforms or risk management tools (e.g., OneTrust, ServiceNow, Archer) is an advantage
  • Familiarity with cloud security concepts (AWS, Azure, GCP) and SaaS environments
  • One or more of the following certifications (highly desirable): CISSP, CRISC, CISA, CISM, CGRC

What we offer

  • great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year

Similar Jobs for GRC Analyst

8 matching positions

GRC Analyst

We are seeking a detail-oriented GRC (Governance, Risk, and Compliance) Analyst ...
Location
United States, Austin
Salary
Not provided
Robert Half
Expiration Date
Until further notice
Requirements
  • 5 years of experience in GRC, IT audit, risk management, or information security
  • Experience working within one or more frameworks (SOC 2, ISO 27001, NIST CSF, SOX, etc.)
  • Familiarity with control design, testing methodologies, and audit processes
  • Experience collaborating with cross-functional teams (IT, Security, Legal, Finance)
  • Strong documentation, communication, and organizational skills
Job Responsibility
  • Support governance, risk, and compliance programs across IT and business functions
  • Conduct risk assessments, control testing, and gap analysis for systems and processes
  • Assist with audit readiness efforts (internal/external), including evidence collection and documentation
  • Maintain and update policies, procedures, and control frameworks
  • Monitor compliance against frameworks such as SOC 2, ISO 27001, NIST, HIPAA, PCI-DSS, or SOX (as applicable)
  • Track remediation efforts and partner with stakeholders to address audit findings and control gaps
  • Support third-party/vendor risk assessments and ongoing monitoring
  • Leverage GRC tools to manage risk registers, controls, and reporting
  • Provide reporting and dashboards on risk posture and compliance status to leadership
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan

GRC Analyst

Rogo is hiring a GRC Analyst to support our customer trust, security assurance, ...
Location
United Kingdom, London
Salary
Not provided
Rogo
Expiration Date
Until further notice
Requirements
  • Experience supporting customer-facing security, compliance, or trust functions at a SaaS or cloud-native company
  • Comfortable translating technical security concepts into clear, concise written responses
  • Understand common enterprise security expectations across areas such as cloud infrastructure, access control, data protection, and incident response
  • Detail-oriented and capable of managing multiple parallel requests without sacrificing quality
  • Communicate clearly with both technical and non-technical stakeholders
  • Exercise strong judgment when handling sensitive or ambiguous security questions
  • Enjoy operating at the intersection of security, compliance, and customer engagement
Job Responsibility
  • Support Rogo’s customer trust and security assurance processes, including responding to customer security inquiries and risk assessments
  • Serve as a key point of contact for customer security reviews, partnering with internal teams to provide accurate, consistent, and timely responses
  • Maintain and improve Rogo’s security documentation and response materials, ensuring alignment with current systems and controls
  • Collaborate with security and engineering teams to understand and articulate technical controls in a customer-facing context
  • Support compliance initiatives across frameworks such as SOC 2, ISO 27001, ISO 42001, EU AI Act, UK Cyber Essentials, and GDPR, including evidence collection and audit readiness
  • Identify common themes and gaps surfaced through customer inquiries and contribute to continuous improvement of security and compliance practices
  • Help streamline and scale trust-related workflows as customer volume and enterprise requirements grow
  • Fulltime

GRC Analyst

Fullscript is currently looking for a GRC Analyst (Risk) to join our growing Sec...
Location
Canada, Ottawa; Calgary; Toronto
Salary
100000.00 - 120000.00 CAD / Year
Fullscript
Expiration Date
Until further notice
Requirements
  • Experience in governance, risk management, compliance, security operations, IT risk, or a related field
  • Understanding of security and operational risk concepts and common risk management frameworks
  • Ability to assess technical and non-technical risks and translate them into business impact
  • Strong analytical and problem-solving skills, with the ability to identify patterns and trends in risk data
  • Experience creating clear documentation, reports, and dashboards for technical and non-technical audiences
  • Strong verbal and written communication skills
  • Ability to work cross-functionally and influence without direct authority
  • Willingness to ask questions, seek feedback, and continuously improve processes
  • Comfortable operating in a growing, evolving environment where programs are being built and scaled
  • Strong situational awareness and judgment when evaluating risk trade-offs
Job Responsibility
  • Identify, document, and assess security and operational risks across business units
  • Maintain a comprehensive and up-to-date enterprise risk register
  • Apply a consistent methodology for evaluating risk likelihood, impact, ownership, and treatment
  • Partner with risk owners to ensure risks are clearly articulated and appropriately managed
  • Ensure risk acceptance, mitigation, and transfer decisions are documented, traceable, and aligned with Fullscript’s risk appetite
  • Track remediation efforts and follow up with stakeholders to ensure timely risk reduction
  • Produce clear, data-driven risk reporting and dashboards to support leadership and executive decision-making
  • Support and manage Fullscript’s third-party risk management program
  • Conduct risk assessments for vendors and partners, including onboarding and periodic reviews
  • Collaborate with Procurement, Legal, Security, and Engineering to ensure third-party risks are identified and addressed
What we offer
  • Generous PTO and competitive pay
  • Fullscript’s RRSP match program for financial health
  • Flexible benefits package and workplace wellness program
  • Training budget and company-wide learning initiatives
  • Discount on Fullscript catalog of products
  • Ability to work Wherever You Work Well
  • Fulltime

GRC Analyst

A GRC Analyst within the Cyber Governance, Risk, and Compliance (GRC) team is a ...
Location
United States, Las Vegas; Austin
Salary
119932.00 - 222732.00 USD / Year
Aristocrat Gaming
Expiration Date
Until further notice
Requirements
  • Master’s degree and 2 years of experience in cybersecurity field
  • University / bachelor’s degree and 4 years’ experience in cybersecurity field
  • Associate’s degree and 8 years' experience in cybersecurity field
  • Experience in Learning and Development or Communications is a plus
  • Experience in policy lifecycle management, from creation to communication to delivery
  • Working knowledge of cybersecurity awareness training terminology such as phishing, smishing, ransomware, etc.
  • Experience designing and deploying corporate-level awareness programs
  • Ability to create and deliver on strategic needs for awareness and training program
  • Experience in using Artificial Intelligence (AI) tools to create, refine, personalize, and deliver training content
  • Comprehensive and effective communication skills
Job Responsibility
  • Maintain and continuously improve the cybersecurity Policies Program
  • Process and assess risk exceptions to Aristocrat Security Policies, Standards, and Technical Security Requirements
  • Manage and advance a Security Awareness and Training Program
  • Continuously deliver maturity enhancements to the Security Awareness program using AI tools
  • Create role-based training curriculum across the organization focusing on the protection of resources and data
What we offer
  • health, dental, and vision insurance
  • paid time off
  • 401(k) plan with employer matching
  • Fulltime

GRC Analyst

We are looking for a detail-oriented GRC Analyst to join our team in Woodbridge,...
Location
United States, Woodbridge
Salary
Not provided
Robert Half
Expiration Date
Until further notice
Requirements
  • Strong understanding of compliance frameworks such as GLB Act, SOX, PCI DSS, and eGRC
  • Proven experience in cybersecurity compliance and risk management
  • Ability to conduct detailed risk assessments and identify actionable solutions
  • Familiarity with audit processes and documentation management
  • Excellent communication skills for delivering training programs and collaborating with stakeholders
  • Proficiency in managing cybersecurity platforms and tracking risk-related issues
  • Capability to develop and maintain comprehensive procedural documentation
  • Knowledge of industry standards and regulatory obligations in the banking sector
Job Responsibility
  • Collect and organize evidence to support annual audits conducted internally and externally
  • Manage and monitor a centralized repository for audit-related documentation to ensure accessibility and accuracy
  • Respond promptly to audit requests, ensuring that all submissions meet required standards
  • Develop and deliver training programs on cybersecurity awareness, including onboarding sessions, periodic newsletters, and phishing simulations
  • Administer the organization's cybersecurity compliance training program to reinforce best practices
  • Conduct risk assessments using established frameworks to identify control strengths, weaknesses, and areas for improvement
  • Utilize the organization's platform to track and resolve security exceptions, violations, incidents, and other risk-related issues
  • Maintain updated documentation of procedures to enhance team knowledge and industry expertise
  • Assist in reviewing and updating security policies, standards, and practices annually to align with current operational needs
  • Collaborate with various business units to address new and existing regulatory requirements
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • company 401(k) plan

Senior Cyber Security GRC Analyst

We are currently seeking a Senior Cyber Security GRC Analyst to join FinXL and t...
Location
Australia, North Sydney
Salary
Not provided
FinXL
Expiration Date
Until further notice
Requirements
  • Experience as a Senior Cyber Security GRC Analyst
  • Strong experience in Cyber Security GRC, Risk, or Compliance roles
  • Experience working with control frameworks such as NIST SP 800-53
  • Experience writing policies, standards, and control documentation from scratch
  • Experience conducting control assurance, testing or audit support activities
  • Experience in stakeholder engagement, running workshops & influencing outcomes
  • Experience implementing security controls
  • Experience in control uplift or transformation programs
  • Experience translating NIST security controls into clear, business-friendly requirements
  • Experience defining control objectives, parameters & implementation guidance aligned to organisational context
Job Responsibility
  • Support the definition, documentation & assurance of security controls aligned to NIST SP 800-53

Senior Staff Analyst, GRC

Mozilla Corporation is the non-profit-backed technology company that has shaped ...
Location
Germany; Canada; Spain; United States; United Kingdom
Salary
Not provided
Mozilla
Expiration Date
Until further notice
Requirements
  • 10+ years of progressive experience in developing and delivering an integrated GRC framework
  • Strong understanding and deep knowledge of regulatory frameworks, processes and tools related to building a robust GRC framework
  • Experience leading and delivering cross functional requirements for product & enterprise teams to implement controls and measures to meet compliance requirements
  • Relevant industry certifications (CISA, CISSP, CISM, CRISC, etc)
  • Hands-on understanding of using various technology and tools (SIEM, BI tools)
  • Ability to develop Root Cause Analysis (RCA) and remediation plans to resolve risk deficiencies working with respective stakeholder teams
  • Strong critical thinking skills with the ability to drive long term organizational impact
  • A background that demonstrates a bias for action and the ability to navigate constraints in order to achieve business outcomes
  • Ability to collaborate and influence a diverse group of stakeholders to address cross-functional challenges and lead change
Job Responsibility
  • Develop and maintain a comprehensive GRC strategy and roadmap aligned with business objectives
  • Lead the creation and enforcement of standards, policies, controls, audits, reporting across various enterprise and product verticals
  • Develop and operationalize a risk assessment and management framework on a periodic basis to enable prioritization and remediation of critical issues
  • Define and deliver measurable scorecards and metrics to enable data driven decision making
  • Ensure compliance with various regulatory standards and frameworks (ISO, NIST, SOC2, CCPA, GDPR, etc)
  • Lead internal and external audit activities including tracking and resolving deficiencies and remediations
  • Partner closely with Legal / IT / Finance / Security to align on the GRC program and deliver a cohesive integrated risk management framework
  • Lead the definition of requirements and reporting (scorecards) for data life cycle management across enterprise and product domains, working with the data platform and legal teams
What we offer
  • Generous performance-based bonus plans
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting
  • Quarterly all-company wellness days
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime

Senior Staff Analyst, GRC

The role is part of the Security Function within the broader Mozilla Infrastruct...
Location
Salary
Not provided
Mozilla
Expiration Date
Until further notice
Requirements
  • 10+ years of progressive experience in developing and delivering an integrated GRC framework
  • Strong understanding and deep knowledge of regulatory frameworks, processes and tools related to building a robust GRC framework
  • Experience leading and delivering cross functional requirements for product & enterprise teams to implement controls and measures to meet compliance requirements
  • Relevant industry certifications (CISA, CISSP, CISM, CRISC, etc)
  • Hands-on understanding of using various technology and tools (SIEM, BI tools)
  • Ability to develop Root Cause Analysis (RCA) and remediation plans to resolve risk deficiencies working with respective stakeholder teams
  • Strong critical thinking skills with the ability to drive long term organizational impact
  • A background that demonstrates a bias for action and the ability to navigate constraints in order to achieve business outcomes
  • Ability to collaborate and influence a diverse group of stakeholders to address cross-functional challenges and lead change
Job Responsibility
  • Governance: develop and maintain a comprehensive GRC strategy and roadmap aligned with business objectives. Lead the creation and enforcement of standards, policies, controls, audits, and reporting across various enterprise and product verticals
  • Risk management: develop and operationalize a risk assessment and management framework on a periodic basis to enable prioritization and remediation of critical issues. Define and deliver measurable scorecards and metrics to enable data-driven decision making
  • Compliance: ensure compliance with various regulatory standards and frameworks (ISO, NIST, SOC2, CCPA, GDPR, etc.). Lead internal and external audit activities, including tracking and resolving deficiencies and remediations
  • Partner closely with Legal / IT / Finance / Security to align on the GRC program and deliver a cohesive integrated risk management framework
  • Lead the definition of requirements and reporting (scorecards) for data life cycle management across enterprise and product domains, working with the data platform and legal teams
What we offer
  • Generous performance-based bonus plans
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting
  • Quarterly all-company wellness days
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime