GRC Specialist

Job Summary

The GRC Specialist supports the organization's governance, risk, and compliance (GRC) program by

executing risk assessments, compliance activities, control testing, and audit support. This role works closely with other cybersecurity pillars, IT, legal, and business teams to ensure security and privacy requirements are implemented, evidenced, and continuously improved. The GRC Specialist plays a key role in maintaining compliance with regulatory, contractual, and internal security requirements while enabling the business to manage risk effectively.

Job Qualifications

• 2–4 years of experience in GRC, compliance, risk management, or security assurance.
• Familiarity with security frameworks and standards (NIST, ISO 27001, CIS).
• Experience supporting audits and managing compliance evidence.
• Strong analytical, leadership, and communication skills.
• Relevant certifications such as CGRC, CISA, or CISM is preferred but not required.