About the Role
As a Cybersecurity GRC Analyst, you will support organizations in strengthening their cybersecurity posture by assessing maturity, managing risks, and ensuring compliance with global frameworks and regional regulations. You will work closely with clients to translate technical findings into clear business insights and actionable improvement roadmaps.
Key Responsibilities
• Support cybersecurity maturity, risk, and compliance assessments across frameworks such as NIST CSF, NIST 800-53, ISO/IEC 27001, CIS Controls, IEC 62443, and regional regulations (MAS TRM, PDPA, GDPR, EU AI Act)
• Conduct stakeholder interviews, workshops, document reviews, and control walkthroughs to assess current security capabilities
• Analyze findings, perform control maturity scoring, and identify gaps and risks in clear, business-relevant language
• Develop high-quality deliverables including current state assessments, gap analyses, benchmarking reports, and prioritized remediation roadmaps
• Build effective working relationships with client stakeholders across IT, OT, risk, audit, legal, and business teams
• Support client meetings and working sessions, including documentation, action tracking, and follow-ups
• Collaborate with regional teams across Singapore, Thailand, and APAC to deliver consistent and high-quality outcomes
• Contribute to proposals, methodologies, and knowledge assets to strengthen the cybersecurity GRC practice
• Conduct stakeholder interviews, workshops, document reviews, and control walkthroughs to assess current security capabilities
• Analyze findings, perform control maturity scoring, and identify gaps and risks in clear, business-relevant language
• Develop high-quality deliverables including current state assessments, gap analyses, benchmarking reports, and prioritized remediation roadmaps
• Build effective working relationships with client stakeholders across IT, OT, risk, audit, legal, and business teams
• Support client meetings and working sessions, including documentation, action tracking, and follow-ups
• Collaborate with regional teams across Singapore, Thailand, and APAC to deliver consistent and high-quality outcomes
• Contribute to proposals, methodologies, and knowledge assets to strengthen the cybersecurity GRC practice
Required Qualifications
• 1 to 3 years of relevant experience in cybersecurity, GRC, IT audit, risk advisory, or security consulting, preferably in a client-facing role
• Working knowledge of at least one cybersecurity framework (e.g., NIST CSF, ISO/IEC 27001, CIS Controls)
• Understanding of security domains such as identity and access management, network security, endpoint security, vulnerability management, incident response, and data protection
• Familiarity with regulatory requirements in Singapore and APAC, including MAS TRM Guidelines and PDPA
• Strong analytical and problem-solving skills, with attention to detail in assessment and reporting
• Excellent written and verbal communication skills, with the ability to present technical insights in business terms
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, Business, or related field
• Working knowledge of at least one cybersecurity framework (e.g., NIST CSF, ISO/IEC 27001, CIS Controls)
• Understanding of security domains such as identity and access management, network security, endpoint security, vulnerability management, incident response, and data protection
• Familiarity with regulatory requirements in Singapore and APAC, including MAS TRM Guidelines and PDPA
• Strong analytical and problem-solving skills, with attention to detail in assessment and reporting
• Excellent written and verbal communication skills, with the ability to present technical insights in business terms
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, Business, or related field
Preferred Qualifications (Optional)
• Industry certifications such as CompTIA Security+, ISO 27001 Lead Implementer/Auditor, CISA, CRISC, or progress toward CISSP/CISM
• Exposure to OT/industrial cybersecurity and IEC 62443 frameworks
• Understanding of AI governance, responsible AI practices, or EU AI Act requirements
• Experience with GRC platforms such as ServiceNow GRC, Archer, or OneTrust
• Prior experience in a consulting environment or professional services firm
• Exposure to OT/industrial cybersecurity and IEC 62443 frameworks
• Understanding of AI governance, responsible AI practices, or EU AI Act requirements
• Experience with GRC platforms such as ServiceNow GRC, Archer, or OneTrust
• Prior experience in a consulting environment or professional services firm
About Accenture
Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.Visit us at www.accenture.com
Equal Employment Opportunity Statement
We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.