Who We Are
We help the world Be Everyday Ready
Today's threatscape is relentless. So is Cyderes. We specialize in building practical IAM, exposure management and risk programs, and stopping active threats fast with MDR that works with your existing security tools, all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms and perspectives they need to conquer whatever tomorrow throws their way.
Great Place to Work Certified: United States, Canada, United Kingdom, India
About the Job:
Cyderes is looking for a GRC Analyst. The GRC Analyst will be responsible for daily activities in implementing the information security and compliance programme. You will help maintain audit and compliance projects to ensure policies, standards, procedures and audit activities are according to business, IT and regulatory requirements. You will also participate in and support multiple department activities. These activities may include quarterly user access reviews and the development of information security policies, procedures and standards. They may also include training and awareness activities, and reviewing and responding to security requirements and inquiries regarding existing or proposed solutions. You will perform internal and external security compliance monitoring activities and manage client audits, IT control audits and security risk assessments.
To be successful in this role, you must be comfortable with evaluating, documenting and creating remediation plans to meet compliance requirements in a. The effectiveness of the implementation and operation of the information security and compliance directives will measure success.
Responsibilities:
- Coordinate IT security governance, risk and compliance activities across the enterprise
- Oversee information security compliance activities, including daily, weekly, quarterly and annual security risk assessments, both performing internal assessments and responding to external assessments
- Respond to requests for information on Cyderes security compliance from customers and partners; review and negotiate relevant agreements
- Support efforts for compliance with SOC2, ISO 27001, NIST 800-53 and other security standards and regulatory frameworks
- Conduct audit readiness assessments and coordinate with internal and external functions and audit resources
- Support the implementation and administration of the Governance, Risk and Compliance system (GRC)
- Collaborate with other departments to direct security compliance issues to appropriate channels for investigation and resolutions
- Revise and maintain security and controls procedures following applicable regulations
- Ensure continuous compliance through continuous testing of security and privacy controls
- Provide recommendations for technology, licencing and process updates to improve Cyderes' overall security posture
- Develop and provide reports to keep management informed of the operation and progress of compliance efforts
Requirements
- Minimum 3 years in a GRC role with at least 1 full year of hands-on administration of a GRC automation tool (Vanta, Drata or Sprinto). We prefer Vanta.
- Experience in design and implementation of information security policies and controls
- Experience participating in external security audits; SOC2 Type II
- Experience conducting needs assessments and identifying/implementing appropriate solutions
- Knowledge of security technologies and architecture, including encryption, cloud network security design, security group configuration, intrusion detection, data loss prevention and application security
- CISSP, CISM, CISA certifications
- Analyst A (The Internal Builder): Focuses on Vanta SOC2/ISO mapping and internal engineering/DevOps agreement.
- Evidence Collection: Experience translating abstract SOC2 criteria into technical screenshots, logs or API outputs.
- Experience translating abstract SOC2 Common Criteria or ISO 27001 clauses into applicable technical controls.
WHY CYDERES
Benefits that go beyond the basics: we support our people so they can do their best work.
Medical Insurance - Employee dependents covered
Life Insurance - Protection for what matters most
Retirement Match Program - We invest in your future
Hybrid Work Model - 23 days in office
Maternity & Paternity Leave - Time for the moments that matter
Paid Time Off - PTO, sick & casual leave
Bereavement & Volunteer Time - Give back to your community
Professional Development - Reimbursement program
LinkedIn L&D Platform - Thousands of courses at your fingertips
Mobile Phone Reimbursement - Stay connected on us
Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
Required Experience:
IC
Employment Type: Full-Time
Experience: years
Vacancy: 1