GRC Analyst

Overview Senior Governance, Risk, and Compliance (GRC) Analyst with expertise in managing acquisitions, integrating them into the company’s operations, and responding to customer security questionnaires. The ideal candidate will have 5+ years of direct GRC experience, a proven track record in assimilating newly acquired entities, and a solid background in technical cybersecurity alongside governance, risk, and compliance activities. This role involves collaboration with technical security teams to maintain regulatory compliance and enhance the organization’s GRC posture at WiseTech Global. Responsibilities Acquisition Assessment: Collaborate with cross-functional teams to assess the GRC landscape of newly acquired companies, identifying gaps and alignment opportunities. Integration Planning: Develop comprehensive integration plans tailored to each acquisition, ensuring alignment with the company\’s overarching GRC strategy. Risk Management: Evaluate and mitigate risks associated with integration processes, working closely with risk management teams. Policy and Procedure Harmonization: Bridge gaps between existing practices and those of acquired entities, harmonizing policies, procedures, and controls. Communication and Stakeholder Management: Effectively communicate integration plans and progress, fostering strong relationships with key stakeholders. Reporting and Documentation: Maintain accurate documentation of integration activities and generate insightful reports for senior management. Continuous Improvement: Identify areas for improvement and drive enhancements to the integration process. Customer Security Questionnaire Support: Collaborate with various teams to ensure accurate and comprehensive responses to customer security questionnaires. Strong foundational knowledge in core IT or Cybersecurity principles, with hands-on experience in networking, system administration, or security operations. Qualifications 5+ years of hands-on experience in GRC, preferably with a focus on acquisition integration. Strong knowledge of regulatory compliance requirements and risk management frameworks, including ISO 27001 and NIST. Experience with SOC 1/2, GDPR, and privacy frameworks. Proficiency in information security tools, techniques, and controls. Experience with metrics and KPIs to measure and track information security risk. Ability to develop policies, standards, and guidelines. ISO 27001:2022 Lead Implementer and lead auditor certifications are a must. CISA, CISM, CISSP, or CRISC certifications are desirable. Experience with GRC tools such as Vanta, Archer, or ServiceNow Risk modules is highly desirable. Exceptional communication and interpersonal skills; analytical mindset with the ability to identify, assess, and mitigate risks. Good project management skills with ISMS and control implementation experience. Knowledge of GRC software tools and technology. Attention to detail and commitment to high-quality deliverables that meet business and compliance objectives. About WiseTech Global WiseTech Global is a leading force in empowering and revolutionizing the world\’s supply chains. Our innovative technologies safeguard data and ensure the security of thousands of users globally, including the world\’s largest freight forwarders. We are dedicated to delivering efficiency, transparency, and confidence through our Governance, Risk, and Compliance (GRC) framework. We strive to hire the best talent to drive growth and transformation in global trade. We may use external service providers to assess applications, with strict confidentiality in line with privacy and data protection laws and regulations. We are a global team of passionate people enabling and empowering the supply chains of the world. #J-18808-Ljbffr