Title
: Security GRC Analyst
Type:
Permanent
Location:
Cork
My client is looking to hire a cyber focused GRC analyst for a brand new team based in Cork. You will have circa 5+ years exp for this this role and you will report into one of the most engaging DPO / CISO's in the country. The cGRC Analyst will support the organisation's Governance, Risk, and Compliance (GRC) function, helping to ensure that information assets, systems, and data are protected while enabling business transformation and innovation. This is an excellent opportunity for motivated professionals with experience in information security, IT risk, governance, or data protection to further develop their careers within a large, complex enterprise environment.
THIS IS A BRAND NEW ROLE WITHIN A BRAND NEWLY FORMED TEAM
THIS ROLE IS CORK BASED
ONSITE 2-3 DAYS PER WEEK
Key Responsibilities:
* Develop, implement, and maintain the organisation's GRC framework.
* Support the creation and maintenance of security and privacy policies, standards, and procedures.
* Act as a security and risk subject matter expert for IT and business projects, including defining security requirements.
* Support internal and external audits, including preparation, evidence gathering, and remediation tracking.
* Manage and track risk assessment activities and remediation actions to completion.
* Produce management information, metrics, and reports as required.
* Conduct technical and procedural risk assessments of systems, applications, and business processes.
* Define and assess security controls for new systems and transformation initiatives.
* Evaluate third-party vendors from an IT and cyber risk perspective.
* Support governance of security standards and frameworks (e.g. ISO 27001, NIST).
* Maintain risk registers and support ongoing risk exposure management.
* Promote a strong security and risk-aware culture across the organisation.
* Monitor and assess compliance with internal policies, standards, and regulatory requirements.
* Support GDPR and privacy compliance activities, including third-party management.
* Assist with Data Protection Impact Assessments (DPIAs) and compliance reviews.
* Support engagement with regulatory authorities where required (e.g. breach notifications, investigations).
* Assist with PCI DSS compliance and attestation activities.
* Review evidence of compliance from third parties and internal stakeholders.
Key Experience:
1. Ideally have 5+ years experience in IT Audit, IT Risk, GRC etc…
2. Privacy or security certification (e.g. IAPP, CIPP, CISSP) or equivalent relevant experience
3. Experience in information security, IT risk, governance, or data protection
4. Strong understanding of security and data protection regulations and frameworks (e.g. GDPR, ISO 27001, NIS)