Key Areas of Responsibility The IT GRC Analysts prime responsibilities include: Governance *Support the development of IT GRC policies, processes, and procedures to align across multiple regulatory compliance requirements. NIS2 / PART-IS/ AVSEC *Contribute to the continuous improvement of IT governance initiatives across the organization. *Drive the delivery of cross-functional training initiatives aimed at enhancing IT GRC understanding. *Collaborate with Airport Safety and Security teams to ensure appropriate alignment between Governance Activities (IT, Safety, Security) Risk Management *Manage the IT Risk Register, ensuring team commitment to mitigate or eliminate risks. *Conduct and document Risk Assessments of IT Systems (existing and newly proposed) Compliance *Ensure adherence to relevant legal and regulatory standards (e.g., NIS / NIS2, Part IS, AvSec, GDPR). *Introduce Information Security Management System (ISMS) tooling to aid in the achievement of our goal of Continuous Compliance with applicable regulations. *Conduct periodic tabletop exercises to ensure the IT and Senior Leadership teams responds in accordance with documented policies and procedures. *Coordinate IT audits and compliance reviews, recording and managing any feedback items received from same. Qualifications, Skills and Experience The desirable competencies include: *Bachelors degree in IT, Computer Science, or a related discipline. Alternatively substantial relevant experience will be considered. *3+ years experience in a Compliance or Cyber Security focused role, with an interest in transitioning into an IT GRC role *Certification in CISA, CRISC or CISSP preferred but not essential. *Project experience with ISO-27001, NIS/NIS2, AVSEC, PART-IS regulations preferred but not essential. *Experience with risk management methodologies and compliance tools. *Track record in playing a significant role in achievement of regulatory compliance. *Excellent communication, problem solving and analytical skills. *Strong grasp of cyber security concepts (attack vectors, frameworks, etc) #LI-VH2 Skills: IT risk Compliance IT analyst