Governance Risk and Compliance I Analyst III

Mandaluyong - Philippines

Monthly Salary: Not Disclosed

Posted on: 16 hours ago

Vacancies: 1 Vacancy

Job Summary

Description

Job Title: Senior GRC Analyst

Division: Governance Risk & Compliance IT Security

Position Summary

The Senior GRC Analyst will act as a key contributor to Vertivs Governance Risk and Compliance initiatives driving risk assessments security reviews audit readiness and third-party risk management efforts. This role supports continuous improvement of the risk register and policy exception processes partners with cross-functional stakeholders and helps develop a scalable security and compliance posture across the organization.

Key Responsibilities

Lead IT risk assessments mitigation planning and control monitoring activities.
Oversee risk register updates and coordinate with risk owners and SMEs to track mitigation actions.
Drive third-party risk reviews and assessments using OneTrust and SecurityScorecard escalating high-risk vendors for action.
Conduct contract reviews focused on information security terms and recommend necessary revisions.
Respond to customer security questionnaires with input from SMEs using Loopio.
Supervise compliance training rollouts (e.g. phishing campaigns annual security awareness training).
Review and recommend changes to IT security policies and standards aligned with ISO 27001 NIST CSF and other frameworks.
Support internal and external audits by gathering evidence and assisting with SOX and ISO audit readiness.
Generate and present GRC dashboards and KPIs to leadership to inform risk posture and team performance.
Act as an escalation point for GRC process inquiries and ticket-related exceptions.
Mentor junior analysts and support GRC program maturity through playbooks SOPs and process documentation.

Qualifications

Bachelors degree in information systems Cybersecurity or a related field.
5 years of experience in GRC IT Risk Management or Information Security.
Strong understanding of ITGC SOX ISO 27001 NIST CSF and data privacy regulations (e.g. HIPAA GDPR).
Experience with GRC platforms such as ServiceNow GRC OneTrust and SecurityScorecard.
Strong documentation and analytical skills with experience preparing audit-ready evidence.
Certifications such as CISA CISSP ISO 27001 Lead Implementer or Auditor (preferred).
Excellent communication and stakeholder management skills across global teams.
Strong organizational skills and ability to manage multiple deliverables independently.

Required Experience:

DescriptionJob Title: Senior GRC AnalystDivision: Governance Risk & Compliance IT Security Position SummaryThe Senior GRC Analyst will act as a key contributor to Vertivs Governance Risk and Compliance initiatives driving risk assessments security reviews audit readiness and third-party risk manage...

Description

Job Title: Senior GRC Analyst

Division: Governance Risk & Compliance IT Security

Position Summary

Key Responsibilities

Lead IT risk assessments mitigation planning and control monitoring activities.
Oversee risk register updates and coordinate with risk owners and SMEs to track mitigation actions.
Drive third-party risk reviews and assessments using OneTrust and SecurityScorecard escalating high-risk vendors for action.
Conduct contract reviews focused on information security terms and recommend necessary revisions.
Respond to customer security questionnaires with input from SMEs using Loopio.
Supervise compliance training rollouts (e.g. phishing campaigns annual security awareness training).
Review and recommend changes to IT security policies and standards aligned with ISO 27001 NIST CSF and other frameworks.
Support internal and external audits by gathering evidence and assisting with SOX and ISO audit readiness.
Generate and present GRC dashboards and KPIs to leadership to inform risk posture and team performance.
Act as an escalation point for GRC process inquiries and ticket-related exceptions.
Mentor junior analysts and support GRC program maturity through playbooks SOPs and process documentation.

Qualifications

Bachelors degree in information systems Cybersecurity or a related field.
5 years of experience in GRC IT Risk Management or Information Security.
Strong understanding of ITGC SOX ISO 27001 NIST CSF and data privacy regulations (e.g. HIPAA GDPR).
Experience with GRC platforms such as ServiceNow GRC OneTrust and SecurityScorecard.
Strong documentation and analytical skills with experience preparing audit-ready evidence.
Certifications such as CISA CISSP ISO 27001 Lead Implementer or Auditor (preferred).
Excellent communication and stakeholder management skills across global teams.
Strong organizational skills and ability to manage multiple deliverables independently.

Required Experience:

Key Skills

ISO 27001
Microsoft Access
Risk Management
Financial Services
PCI
Risk Analysis
Analysis Skills
COBIT
NIST Standards
SOX
Information Security
Data Analysis Skills

Apply Now

About Company

Vertiv Group

Work Authorization No calls or agencies please. Vertiv will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas such as E, F-1, H-1, H-2, L, B, J, or TN or who need s ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click