We’re looking for an IT & Cyber Risk GRC Analyst to support and enhance our Information Security Governance, Risk & Compliance (GRC) function. This role is ideal for someone with experience in IT risk, cyber governance, compliance frameworks, and third‑party risk management who enjoys working cross‑functionally to strengthen organisational security posture. You’ll collaborate closely with IT, Cyber Security, Risk, and Business stakeholders to ensure risks are identified, controls are effective, and compliance obligations are consistently met.
Responsibilities
Maintain and enhance the Information Security GRC framework
Support development and updates of security policies, standards, and procedures
Define security requirements for projects, RFPs, and new technologies
Prepare for and support internal and external audits, tracking remediation activities
Contribute to governance reviews, risk committee reporting, and management dashboards
Conduct IT and cyber risk assessments across systems, applications, and business processes
Identify control gaps, recommend remediation actions, and track issues to closure
Ensure alignment with recognised frameworks including:
ISO 27001
NIST Cyber Security Framework (CSF)
PCI DSS
Maintain and manage the IT risk register, including risk identification, scoring, and mitigation tracking
Perform control effectiveness testing and ongoing risk monitoring
Support incident management activities from a risk and governance perspective
Promote a strong security awareness and risk culture across the organisation
Third-Party & Project Security
Conduct third-party security risk assessments and vendor reviews
Perform onsite or remote supplier security assessments where required
Provide security governance input into IT projects, transformation initiatives, and system rollouts
Collaborate with Project Managers, Solution Architects, and technical teams to embed security requirements
Operational & Reporting Support
Maintain audit evidence, risk documentation, and compliance artefacts
Produce risk reports, dashboards, and metrics for leadership and governance forums
Support security awareness initiatives, including phishing simulations and follow‑up analysis
Monitor compliance with internal security standards and escalate gaps as required
What You’ll Bring
Strong understanding of information security principles, governance, and risk management frameworks
Experience conducting IT risk assessments, control testing, or cyber governance activities
Ability to identify risks and define practical, risk‑based control measures
Experience working within regulated or compliance‑driven environments
Strong analytical, problem‑solving, and reporting skills
Excellent written and verbal communication skills
Ability to manage workload independently while collaborating across multiple stakeholders
High integrity and experience handling confidential and sensitive information
Qualifications and Certifications
Third‑level qualification in Information Security, IT, or a related field, or equivalent experience
Certifications such as:
CISSP
CISM
CRISC
Security+
Apply now or email your CV to shane.doolin@realtime.jobs
Must be based in Ireland and hold Stamp 4 or an EU or Irish passport. No sponsorship supported.