Cybersecurity Compliance Analyst (GRC)

• Support and coordinate security certifications and attestations (e.g., Cyber Essentials, ISO 27001, DCC, etc.)
• Act as the primary liaison with external assessors, certification bodies, auditors, and internal customers
• Monitor and maintain ongoing compliance with certification requirements and audits, track emerging regulatory requirements, industry standards, and best practices.s
• Develop, implement, and manage enterprise cybersecurity and other IT controls aligned with various frameworks (e.g., NIST CSF, NIST SP 800 53, ISO 27001, COBIT, etc.)
• Provide high-level summaries and risk based recommendations for an improved IT controls environment.
• Served as a control framework subject matter expert, advising control owners on compliance requirements, implementation, optimization, and automation.
• Establish and maintain control standards, methodologies, and evidence requirements.s
• Identify issues within the IT controls environment and drive remediation planning and validation.
• Partner with various IT and other business teams to ensure controls are embedded into systems and processes, and support security awareness across technical and business teams
• Identify opportunities for control optimization, automation, and GRC tooling improvement.s
• Mentor anguideto junior analysts and project teams

• Ability to manage cybersecurity controls and compliance requirements
• Understanding of security architecture concepts and controls (including AI)
• Ability to interpret technical controls and translate them into compliance language
• Ability to build relationships and collaborate with others
• Strong communication, documentation, organizational, and analytical skills
• Attention to detail and documentation discipline
• Ability to work independently and manage multiple initiatives
• Ability to develop compliance dashboards, metrics, and executive reporting

• BA/BS in Information Security, Computer Science, Information Systems, or related field,ld plus at least 6 years of experience in cybersecurity, risk management, compliance, or audit, dit or demonstrated equivalency of experience and/or education
• Demonstrated experience managing security certification programs, controls design/implementation, and audits end to end
• Deep knowledge of cybersecurity controls and frameworks (ISO, NIST, SOC, COBIT)
• Strong stakeholder management, written communication, and reporting skills
• Ability to independently manage multiple-stakeholder initiatives
• Ability to travel periodically

• Professional certifications such as CISA, CISM, CISSP, CRISC, ISO 27001 Lead Implementer/Lead Auditor
• Hands on experience with GRC tools such as AuditBoard (Optro), Up Guard, ServiceNow, AI tools, etc.
• Understanding of AI frameworks and controls

Information collected and processed through your application with INSPYR Solutions (including any job applications you choose to submit) is subject to INSPYR Solutions’ Privacy Policy and INSPYR Solutions’ AI and Automated Employment Decision Tool Policy: https://www.inspyrsolutions.com/policies/. By submitting an application, you are consenting to being contacted by INSPYR Solutions through phone, email, or text.