Junior Cyber Governance, Risk and Compliance Analyst
Location: Cork or Dublin – Hybrid
What You’ll Be Doing
GRC Perform Activities:
* Maintain and mature the existing third‑party management governance framework.
* Manage day‑to‑day activities such as mailbox management and 3rd‑party/supplier risk.
* Execute phishing awareness and corrective actions, including employee training and awareness.
* Run the Risk Working Committee, ensuring IT risks are captured, logged and mitigated.
* Report IT risk incidents and GDPR breach notifications; support compliance with NIS2, AI, GDPR.
* Develop and schedule GRC governance controls and reviews; continuously assess the risk register.
* Engage with business owners for third‑party audits and support the Information team during incidents.
* Assist with audits, testing reports, and internal phishing campaigns.
* Monitor compliance across Musgrave using documents such as Third‑Party Assessment questionnaires and DPIAs.
* Provide security and data protection advice to business units and support data protection projects.
* Create management information, communications and ad‑hoc reporting.
* Maintain policies and procedures related to Security & Privacy and support identification and management of IT and cyber security risks.
Focused on IT & Cyber Risk
* Conduct technical assessments of company systems, applications, and business activities; report and track remediation.
* Define IT & Cyber security requirements and controls for new transformation activities.
* Assess vendors from an IT risk perspective.
* Govern and apply Security policies and standards.
* Ensure compliance with ISO 27001, NIST, GDPR, PCI DSS, and other frameworks.
* Conduct regular risk assessments and control effectiveness testing.
* Assist in managing IT Risk, risk register and exposure management activities.
* Promote a strong security and risk culture aligned with strategic and commercial goals.
Focused on Compliance
* Assess and report on internal compliance with company policies and standards.
* Liaise with the Data Protection Team for GDPR compliance and third‑party management.
* Support admin of policies, privacy, governance and risk management programs.
* Engage with regulatory authorities (e.g., DPC) for data breach reporting and investigations.
* Assure compliance through review of documents such as Third‑Party Assessment questionnaires and DPIAs.
* Assist with PCI compliance and attestation activities.
What You’re Looking For
* Ethical and impartial; able to report non‑compliance.
* Confidentiality handling; team player; self‑starter who manages workload effectively.
* Analytical, diagnostic and problem‑solving skills with timely delivery.
* Strong presentation skills (graphic, written, oral) and training delivery.
* IT, Privacy or Security certification or equivalent qualification and work experience.
What We Offer
* Career Development – opportunities for growth and learning.
* Collaborative Environment – impactful contributions.
* Innovation Focus – forward‑thinking solutions.
* Community Focus – positive impact on communities.
* Legacy – joining a company with a long‑standing commitment to community and innovation.
Ready to make an impact? Apply now and join a forward‑thinking company that values your expertise and vision.
Musgrave is an equal opportunities employer. We encourage applications from diverse candidates. If we can make any accommodations to enable you to be the best version of yourself during the interview, please let us know.
Musgrave operates a Work Smart hybrid working model where you can alternate your time between collaborating in the business and working remotely.
Junior Governance, Risk and Compliance Analyst.
#J-18808-Ljbffr