Key Areas of Responsibility The IT GRC Analysts prime responsibilities include: Governance *Support the development of IT GRC policies, processes, and procedures to align across multiple regulatory compliance requirements.
NIS2 / PART-IS/ AVSEC *Contribute to the continuous improvement of IT governance initiatives across the organization.
*Drive the delivery of cross-functional training initiatives aimed at enhancing IT GRC understanding.
*Collaborate with Airport Safety and Security teams to ensure appropriate alignment between Governance Activities (IT, Safety, Security) Risk Management *Manage the IT Risk Register, ensuring team commitment to mitigate or eliminate risks.
*Conduct and document Risk Assessments of IT Systems (existing and newly proposed) Compliance *Ensure adherence to relevant legal and regulatory standards (e.g., NIS / NIS2, Part IS, AvSec, GDPR).
*Introduce Information Security Management System (ISMS) tooling to aid in the achievement of our goal of Continuous Compliance with applicable regulations.
*Conduct periodic tabletop exercises to ensure the IT and Senior Leadership teams responds in accordance with documented policies and procedures.
*Coordinate IT audits and compliance reviews, recording and managing any feedback items received from same.
Qualifications, Skills and Experience The desirable competencies include: *Bachelors degree in IT, Computer Science, or a related discipline.
Alternatively substantial relevant experience will be considered.
*3+ years experience in a Compliance or Cyber Security focused role, with an interest in transitioning into an IT GRC role *Certification in CISA, CRISC or CISSP preferred but not essential.
*Project experience with ISO-27001, NIS/NIS2, AVSEC, PART-IS regulations preferred but not essential.
*Experience with risk management methodologies and compliance tools.
*Track record in playing a significant role in achievement of regulatory compliance.
*Excellent communication, problem solving and analytical skills.
*Strong grasp of cyber security concepts (attack vectors, frameworks, etc) #LI-VH2 Skills: IT risk Compliance IT analyst