We are seeking a GRC (Governance, Risk, and Compliance) Analyst to join our client's security team in Dublin. This role will be crucial in a fast-paced environment where you'll be responsible for ensuring our security posture aligns with key regulatory frameworks and industry best practices. The ideal candidate will have deep expertise in ISO 27001, NIST, and DORA.

Responsibilities

Compliance & Governance: Lead the implementation and maintenance of security frameworks, specifically ISO 27001, NIST CSF, and the new DORA regulation.

Risk Management: Conduct detailed risk assessments and gap analyses to identify vulnerabilities and compliance gaps against specified frameworks.

Audits: Coordinate and support internal and external audits, including preparing evidence and documentation for auditors. You will be the point of contact for audit inquiries.

Policy & Procedure: Develop, update, and manage security policies, standards, and procedures to ensure they align with the latest regulatory requirements.

Reporting: Create and present clear, actionable reports on our compliance status, risk posture, and remediation efforts to both technical teams and senior leadership.

Remediation: Track and facilitate the remediation of identified control gaps, collaborating with various teams to ensure timely resolution.

Skills & Qualifications

Experience: At least 3-5 years of experience in a GRC, information security, or IT audit role.

Technical Expertise: A comprehensive and practical understanding of ISO 27001 and its implementation. Experience with NIST frameworks (e.g., CSF, SP 800 series) is essential.

DORA Knowledge: A strong understanding of the Digital Operational Resilience Act (DORA) is a key requirement. You must know what it entails and how to apply it within a financial or IT services organization.

Certifications (Preferred): Relevant professional certifications are highly desirable, such as ISO 27001 Lead Implementer/Auditor, CRISC, CISA, or CISSP.

Communication: Excellent communication and stakeholder management skills. You must be able to translate complex security and compliance requirements into a business context for non-technical audiences.

Problem-Solving: Strong analytical and problem-solving abilities, with a meticulous attention to detail.