
Governance Risk and Compliance I Analyst III

Manila, Manila, Philippines · Full-time · 16h ago

Job Title: Senior GRC Analyst

Division: Governance, Risk & Compliance – IT Security

Position Summary

The Senior GRC Analyst will act as a key contributor to Vertiv’s Governance, Risk, and Compliance initiatives, driving risk assessments, security reviews, audit readiness, and third-party risk management efforts. This role supports continuous improvement of the risk register and policy exception processes, partners with cross-functional stakeholders, and helps develop a scalable security and compliance posture across the organization.

Key Responsibilities

  • Lead IT risk assessments, mitigation planning, and control monitoring activities.
  • Oversee risk register updates and coordinate with risk owners and SMEs to track mitigation actions.
  • Drive third-party risk reviews and assessments using OneTrust and SecurityScorecard, escalating high-risk vendors for action.
  • Conduct contract reviews focused on information security terms and recommend necessary revisions.
  • Respond to customer security questionnaires with input from SMEs using Loopio.
  • Supervise compliance training rollouts (e.g., phishing campaigns, annual security awareness training).
  • Review and recommend changes to IT security policies and standards aligned with ISO 27001, NIST CSF, and other frameworks.
  • Support internal and external audits by gathering evidence and assisting with SOX and ISO audit readiness.
  • Generate and present GRC dashboards and KPIs to leadership to inform risk posture and team performance.
  • Act as an escalation point for GRC process inquiries and ticket-related exceptions.
  • Mentor junior analysts and support GRC program maturity through playbooks, SOPs, and process documentation.

Qualifications

  • Bachelor’s degree in Information Systems, Cybersecurity, or a related field.
  • 5+ years of experience in GRC, IT Risk Management, or Information Security.
  • Strong understanding of ITGC, SOX, ISO 27001, NIST CSF, and data privacy regulations (e.g., HIPAA, GDPR).
  • Experience with GRC platforms such as ServiceNow GRC, OneTrust, and SecurityScorecard.
  • Strong documentation and analytical skills with experience preparing audit-ready evidence.
  • Certifications such as CISA, CISSP, ISO 27001 Lead Implementer or Auditor (preferred).
  • Excellent communication and stakeholder management skills across global teams.
  • Strong organizational skills and ability to manage multiple deliverables independently.