Governance Risk and Compliance I Analyst III

Mandaluyong - Philippines

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Description

At Vertiv we dont just hire talentwe cultivateleaderswho driveinnovationand engage teams to pushthe limitsof criticaldigitalinfrastructurewearescalinguptomeetthedemandsof AIdata centersandnext-gentechnologyandweneedboldhigh-performingindividualslikeYOUtotakeustothenextlevel.

Why Vertiv

High-PerformanceCulture:Weempoweryoutothinkbigexecutewithexcellenceanddeliverimpact.Our performance-driven mindsetrewards those who challenge the status quo and drive meaningful change. Over 50 CEO Awardsare given annually to recognize top talent moving the needle forward.
LeadershipWithoutLimits:LeadershipatVertivgoesbeyondjusttitlesitsaboutaccountabilitytrustand ownership. Our leaders engage and drivewith collaboration innovation and customer-centric thinking setting the foundation for an action-focused culture.
LimitlessGrowth&Learning:rotationalprograms or high-impact projects youll have the opportunity to expand your expertise and grow your career.
APlaceforEveryone:Ourcommitmenttoinclusionensuresthatallemployeesuniquestrengthsand perspectivesarevalued.Yourvoicemattersyourgrowthisprioritizedandyoursuccessiscelebrated.

Position Summary

The Senior GRC Analyst will act as a key contributor to Vertivs Governance Risk and Compliance initiatives driving risk assessments security reviews audit readiness and third-party risk management efforts. This role supports continuous improvement of the risk register and policy exception processes partners with cross-functional stakeholders and helps develop a scalable security and compliance posture across the organization.

Key Responsibilities

Lead IT risk assessments mitigation planning and control monitoring activities.
Oversee risk register updates and coordinate with risk owners and SMEs to track mitigation actions.
Drive third-party risk reviews and assessments using OneTrust and SecurityScorecard escalating high-risk vendors for action.
Conduct contract reviews focused on information security terms and recommend necessary revisions.
Respond to customer security questionnaires with input from SMEs using Loopio.
Supervise compliance training rollouts (e.g. phishing campaigns annual security awareness training).
Review and recommend changes to IT security policies and standards aligned with ISO 27001 NIST CSF and other frameworks.
Support internal and external audits by gathering evidence and assisting with SOX and ISO audit readiness.
Generate and present GRC dashboards and KPIs to leadership to inform risk posture and team performance.
Act as an escalation point for GRC process inquiries and ticket-related exceptions.
Mentor junior analysts and support GRC program maturity through playbooks SOPs and process documentation.

Qualifications

Bachelors degree in information systems Cybersecurity or a related field.
5 years of experience in GRC IT Risk Management or Information Security.
Strong understanding of ITGC SOX ISO 27001 NIST CSF and data privacy regulations (e.g. HIPAA GDPR).
Experience with GRC platforms such as ServiceNow GRC OneTrust and SecurityScorecard.
Strong documentation and analytical skills with experience preparing audit-ready evidence.
Certifications such as CISA CISSP ISO 27001 Lead Implementer or Auditor (preferred).
Excellent communication and stakeholder management skills across global teams.
Strong organizational skills and ability to manage multiple deliverables independently.

The successful candidate will embrace Vertivs Core Principals & Behaviors to help execute our Strategic Priorities.

OUR CORE PRINCIPALS: . . Diversity & Inclusion.

OUR STRATEGIC PRIORITIES

Customer Focus
Operational Excellence
High-Performance Culture
Innovation
Financial Strength

OUR BEHAVIORS

Think Big and Execute
Act With Urgency
Own It
Drive Continuous Improvement
Promote Transparent and Open Communication
Learn and Seek Out Development
Foster a Customer-First Mindset
Lead by Example

Required Experience:

DescriptionAt Vertiv we dont just hire talentwe cultivateleaderswho driveinnovationand engage teams to pushthe limitsof criticaldigitalinfrastructurewearescalinguptomeetthedemandsof AIdata centersandnext-gentechnologyandweneedboldhigh-performingindividualslikeYOUtotakeustothenextlevel.Why VertivHig...

Description

Why Vertiv

High-PerformanceCulture:Weempoweryoutothinkbigexecutewithexcellenceanddeliverimpact.Our performance-driven mindsetrewards those who challenge the status quo and drive meaningful change. Over 50 CEO Awardsare given annually to recognize top talent moving the needle forward.
LeadershipWithoutLimits:LeadershipatVertivgoesbeyondjusttitlesitsaboutaccountabilitytrustand ownership. Our leaders engage and drivewith collaboration innovation and customer-centric thinking setting the foundation for an action-focused culture.
LimitlessGrowth&Learning:rotationalprograms or high-impact projects youll have the opportunity to expand your expertise and grow your career.
APlaceforEveryone:Ourcommitmenttoinclusionensuresthatallemployeesuniquestrengthsand perspectivesarevalued.Yourvoicemattersyourgrowthisprioritizedandyoursuccessiscelebrated.

Position Summary

Key Responsibilities

Lead IT risk assessments mitigation planning and control monitoring activities.
Oversee risk register updates and coordinate with risk owners and SMEs to track mitigation actions.
Drive third-party risk reviews and assessments using OneTrust and SecurityScorecard escalating high-risk vendors for action.
Conduct contract reviews focused on information security terms and recommend necessary revisions.
Respond to customer security questionnaires with input from SMEs using Loopio.
Supervise compliance training rollouts (e.g. phishing campaigns annual security awareness training).
Review and recommend changes to IT security policies and standards aligned with ISO 27001 NIST CSF and other frameworks.
Support internal and external audits by gathering evidence and assisting with SOX and ISO audit readiness.
Generate and present GRC dashboards and KPIs to leadership to inform risk posture and team performance.
Act as an escalation point for GRC process inquiries and ticket-related exceptions.
Mentor junior analysts and support GRC program maturity through playbooks SOPs and process documentation.

Qualifications

Bachelors degree in information systems Cybersecurity or a related field.
5 years of experience in GRC IT Risk Management or Information Security.
Strong understanding of ITGC SOX ISO 27001 NIST CSF and data privacy regulations (e.g. HIPAA GDPR).
Experience with GRC platforms such as ServiceNow GRC OneTrust and SecurityScorecard.
Strong documentation and analytical skills with experience preparing audit-ready evidence.
Certifications such as CISA CISSP ISO 27001 Lead Implementer or Auditor (preferred).
Excellent communication and stakeholder management skills across global teams.
Strong organizational skills and ability to manage multiple deliverables independently.

Customer Focus
Operational Excellence
High-Performance Culture
Innovation
Financial Strength

OUR BEHAVIORS

Think Big and Execute
Act With Urgency
Own It
Drive Continuous Improvement
Promote Transparent and Open Communication
Learn and Seek Out Development
Foster a Customer-First Mindset
Lead by Example

Required Experience:

Key Skills

ISO 27001
Microsoft Access
Risk Management
Financial Services
PCI
Risk Analysis
Analysis Skills
COBIT
NIST Standards
SOX
Information Security
Data Analysis Skills

Apply Now

About Company

Vertiv Group

Work Authorization No calls or agencies please. Vertiv will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas such as E, F-1, H-1, H-2, L, B, J, or TN or who need s ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click