We are looking to hire a GRC Analyst with an analytical mind and a detailed understanding of compliance and audit methodologies. As a Risk & Compliance Analyst, you will be responsible for conducting risk assessments, developing risk management plans, and monitoring compliance with internal policies and external regulations. You will also be responsible for analyzing data, identifying potential risks, and making recommendations for risk mitigation. Additionally, you will play a key role in evaluating and implementing new processes and systems to enhance risk management and compliance efforts.

A degree in computer science, IT, systems engineering, MIS or related qualification 4-5 years of compliance, risk, audit and/or consulting experience  Drive the development of and execute risk-based internal controls that clearly define the objective and scope of each risk and control matrix, employing critical thinking and appropriate self-assessment/operating effectiveness testing methodologies. Perform the evaluation and design of internal controls and make recommendations for improvement Partner and liaise with internal and external auditors to plan and implement an assessment of the control environment, coordination of timing and execution of process walkthroughs, and a process for timely sharing of potential issues for resolution with respect to internal controls Provide recommendations to implement and improve controls, processes, and procedures to ensure Information Security compliance and achievement of operating effectiveness. Responsible for the documentation and maintenance of all business process maps, data lineage, process narratives, control descriptions, and risk and control matrices to ensure accuracy, timeliness, and completeness of information. Managing and analyzing incoming cyber risks for all departments of the organization, preparing risk reports and ensuring actions are documented and delivered, Tracking and monitoring risk activities, notifying action owners, and escalating where required, ensuring risks and remediation plans are regularly addressed. Work closely with business unit teams to ensure proper and timely remediation of Information Security controls Prepare updates to management, including management control remediation plans Develop processes and policies for reporting findings