drjobs Senior / Lead GRC Analyst (IGT1 Lanka: Sitecore)

Senior / Lead GRC Analyst (IGT1 Lanka: Sitecore)

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

Colombo - Sri Lanka

Monthly Salary drjobs

Not Disclosed

drjobs

Salary Not Disclosed

Vacancy

1 Vacancy

Job Description

About the role: 

We are looking for a detailoriented and proactive GRC (Governance Risk and Compliance) Analyst to join our team. This role will be based in Sri Lanka and will support operations aligned with U.S. Central or Eastern time zones. The GRC Analyst will work closely with and support two Senior GRC Analysts and the CISO contributing to the daytoday execution of compliance programs audit preparation risk assessments and overall security governance efforts.

This is a handson role ideal for someone who thrives in a collaborative fastpaced environment and is passionate about security compliance and risk management.

Key Responsibilities

Governance & Compliance

  • Support the implementation and maintenance of compliance programs aligned with frameworks such as ISO 27001 SOC 2 HIPAA PCI DSS GDPR TISAX NIST and IRAP.
  • Assist in maintaining and updating security policies procedures and controls to ensure alignment with regulatory requirements.
  • Conduct compliance reviews to identify gaps and assist in defining remediation actions.
  • Monitor changes in regulatory requirements and provide input into compliance strategy and updates.

Audit Support

  • Collaborate with internal stakeholders to coordinate auditrelated activities including evidence collection documentation preparation and status reporting.
  • Maintain audit calendars track deliverables and ensure readiness for internal and external audits.

Risk Management

  • Support periodic risk assessments helping to identify document and track technology and process risks.
  • Maintain the risk and findings register ensuring items are regularly updated and monitored for progress.

CrossFunctional Collaboration

  • Work closely with teams across Engineering Product Legal Procurement and Enterprise Technology to support compliance initiatives and ensure timely completion of action items.
  • Provide ongoing support and clarity to teams on compliance tasks and expectations.

Reporting & Documentation

  • Assist in preparing and delivering status reports dashboards and metrics on GRC activities for leadership and stakeholders.
  • Ensure that compliance documentation is consistently updated and centrally stored (e.g. SharePoint Confluence).

Qualifications :

Preferred Skills and Experience: 

    • Bachelors degree in information technology Cybersecurity or a related field.
    • Familiarity with industry standards and frameworks such as ISO 27001 SOC 2 HIPAA GDPR PCI DSS NIST and others.
    • 35 years of experience in a GRC risk management audit support or compliance role in a technologydriven environment.
    • Strong attention to detail organizational skills and ability to manage multiple tasks.
    • Experience working across global teams and time zones is a plus.
    • Certifications such as CISA CRISC or ISO 27001 Lead Implementer/Auditor are a plus.
    • Comfortable using Microsoft 365 tools (e.g. Outlook Teams Excel SharePoint) and collaboration platforms.

    Work Conditions 

    • This role requires full coverage of U.S. Central or Eastern time zone hours.

    • Occasional flexibility may be needed to support urgent compliance or audit activities.


    Remote Work :

    No


    Employment Type :

    Fulltime

    Employment Type

    Full-time

    Company Industry

    About Company

    Report This Job
    Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.