About the role
Drive governance, risk, and compliance programs across NIST 800-53, SOC 2, and PCI scopes for a Tier-1 financial services client.
Key responsibilities
- Run control assessments, evidence collection, and remediation tracking.
- Partner with engineering to translate audit findings into clear technical fixes.
- Maintain risk register and produce executive reporting.
- Support third-party risk reviews and customer security questionnaires.
Qualifications
- 4+ years in security GRC or IT audit.
- Working knowledge of NIST 800-53, SOC 2, PCI-DSS, and ISO 27001.
- CISA, CISSP, or CRISC preferred.
Technology stack
NIST 800-53SOC 2PCI-DSSServiceNow GRC
Apply
Apply for Cybersecurity GRC Analyst
Submit your details and resume. A senior recruiter responds within one business day.
Let's Build the Future Together.
Whether you're hiring a single engineer, scaling an enterprise technology team or transforming your digital infrastructure, BrightScale IT is ready to help.

