Cyber GRC Analyst

Job Overview

Governance, Risk and Compliance (GRC) Analyst

Location: Austin, Texas

Work Mode: Hybrid – 3 days in office

The GRC Analyst will provide a strong understanding of security and privacy principles, along with a sound knowledge of regulatory and compliance requirements affecting a U.S. business. The role supports and maintains the  Cyber GRC Program and works closely with the BISO and central GRC functions to develop, implement, and maintain cyber security policies, standards, guidelines, and processes.

• Work with key internal and external stakeholders to ensure compliance with PCI DSS, Privacy and GDPR requirements, audits, and assessments.
• Assist in the risk assessment process and report on enterprise-wide and third‑party security controls.
• Support the implementation of key security initiatives across the organization.
• Manage audits, external assessments, and assurance processes, including PCI DSS and NIST CSF.
• Develop and manage metrics to measure and track cyber risks and the effectiveness of the GRC function.
• Conduct compliance readiness assessments and assurance activities against policies and standards.
• Track technology and cyber‑related audit findings and actions.
• Assist in developing measurable cyber security standards that align with policy control objectives.
• Support user and specialist user education and awareness exercises for employees.
• Assist in developing effective measurement and simplified reporting of cyber security risks within the business.
• Assist with third‑party security assessments against industry standards and New UK control standards.
• Maintain the cyber security risk register.

• 3+ years’ experience within Cyber Security or related fields.
• Demonstrated governance, risk, and compliance experience in dynamic and complex cyber security, technology, and business environments.
• Strong knowledge of industry frameworks and standards such as NIST CSF, PCI DSS, and ISO 27001.
• Good working knowledge of cloud infrastructure, especially AWS.
• Previous experience in a SOX compliance environment is desirable.
• Strong oral and written communication skills.
• Qualification in Information Security, Computer Science, Engineering, or a related discipline.
• Professional security certifications such as CISSP, CISM, CISA, or CRISC are preferred.

Base Pay Range: $80,000 – $110,000 + Bonus. Competitive and flexible compensation is offered to attract top talent. Bonus targets are determined by market benchmarks and individual performance. Benefits include health, retirement, well‑being, and optional plans to meet diverse employee needs.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, or any other protected characteristic. Reasonable accommodation for qualified individuals with disabilities is available throughout the application and interview process. If assistance is needed, please e‑mail  with "Reasonable Accommodation" in the subject line.