You will be managing risk assessments of both third parties and internal technologies. In addition, the candidate will be performing compliance activities related to technology assurance areas around access management, vulnerability management and configuration management. Candidate will also demonstrate ability and experience in governance related activities including administrative management of risk and control registers as well as policies and standards.

The roles and responsibilities of the GRC Analyst are:

Risk Management Responsibilities

• Execute risk assessment testing supporting the Risk Manager.
• Document risk assessment results.
• Support Risk Manager in drafting risk assessment reports.
• Perform administrative management of risk register (additions/editions/deletions, etc).
• Document risk acceptance/exemptions that have been approved per the program.
• Manage quarterly/annual review of risk acceptance/exceptions.
• Manage risk assessment results in relevant dashboards.
• Document Issues and Remediation activities for all exceptions noted during risk assessments.

Compliance Responsibilities

• Perform quarterly compliance assurance testing.
• Document compliance testing results.
• Maintain Management Action Plan (MAP) catalog with due dates.
• Manage monthly audit MAPs. Includes the timely communication of open MAPs an escalation as needed of risks to completing MAPs at their agreed delivery dates.
• Perform administrative activities in GRC Solution for compliance related activities.

The GRC Analyst should have the following skill set:

• 3 years in Information Security field, with at least 2 years working in GRC.
• Experience with GRC tools (eg, Auditboard, Archer, etc).
• Knowledge of security concepts and methodologies such as risk assessments, risk & controls, policies & standards, enterprise security strategies, network, and cloud security.
• Knowledge of security frameworks such as CIS and NIST.
• Excellent written and verbal communications skills, including presentational skills and able to clearly communicate issues to management and other key stakeholders.

Contract details:

• Start date: ASAP
• Length of contract: Initial duration of 6 months, potential employment after 6 months
• Type of contract: Contractor
• Location: LATAM
• Rate: Please let us know your hourly rate.
• Interviews: Next week

Please feel free to share a cover letter on your suitability on this position based on your experience and your personal and professional aspirations. If this role doesn't fit your preference or experience, please feel free to share within your network.