GRC Analyst

Cyber Security GRC Analyst (11345)

At Nouryon, our global team of Changemakers takes positive action every day, to reach higher collectively and individually. We create innovative and sustainable solutions for our customers to answer society’s needs – today and in the future.

We are looking for team members who bring ideas forward, champion others and work together to do better. Does that sound like you?

About the Job:

As a Cyber Security GRC (Governance, Risk, and Compliance) Analyst, you'll play a vital role in ensuring our organization operates securely and meets all relevant regulations. You'll be responsible for assessing risks, managing compliance, conducting audits, and developing governance frameworks, with a particular focus on cybersecurity.

In your future as a Cyber Security GRC Analyst you will:

• Identify and evaluate risks to the organization, develop strategies to address them, and track their resolution.
• Build, track, and support compliance with various frameworks (e.g., NIST, CSF) and findings.
• Develop, track, and support a cybersecurity risk program and a cybersecurity compliance program.
• Create and maintain metrics and reports on KPIs, SLAs, and other internal metrics.
• Stay updated on laws and industry standards (e.g., GDPR, NIS2, SOX), conduct compliance assessments, and maintain compliance programs.
• Perform audits to assess governance and compliance processes, prepare reports on findings, and communicate these with stakeholders and senior management.
• Develop, track, and support the maturity of cybersecurity programs by creating and refining policies, processes, procedures, and guidelines.
• Manage 2-3 complex projects simultaneously in a technical environment.
• Collaborate with different teams to address governance and compliance challenges, provide training on best practices and regulatory requirements, and discuss security issues and recommendations.

We believe you bring:

• Fully bilingual in English and Spanish (must-have).
• Bachelor’s degree in IT, business, finance, or a related field (strongly preferred).
• 5+ years of experience in GRC, compliance, or a related field, with at least 3-5 years in information security.
• Former experience in audit, enterprise risk management (ERM), or compliance, with knowledge of regulatory and industry standards.
• Experience writing reports and documents for senior-level management.
• 3+ years of experience communicating and presenting data to senior management.
• Experience with auditing standards like SOC2 Type II.
• Experience with GRC tools such as Archer, SNOW GRC, etc.
• Strong understanding of governance, risk management, and compliance principles.
• Knowledge of relevant laws and industry standards (e.g., GDPR, SOX).
• Excellent analytical and problem-solving skills.
• Relevant certifications such as CISSP, CRISC, CISA, CISM, or similar are a plus.
• Must work onsite at our office in Mexico City from Monday to Thursday, with the option to work from home on Fridays.

Good to know:

Please apply via our online recruitment system. We will not accept applications via e-mail. Once it's with us we will review to see if we have a match between your skills and the role! For more information about our hiring process, visit: nouryon.com/careers/how-we-hire/

We look forward to receiving your application!

We kindly ask our internal candidates to apply with your Nouryon email via Success Factors.

About Nouryon:

We’re looking for tomorrow’s Changemakers, today. 

If you’re looking for your next career move, apply today and join Nouryon’s worldwide team of Changemakers in providing essential solutions that our customers use to manufacture everyday products such as personal care, cleaning, paints and coatings, agriculture and food, pharmaceuticals, and building products. Our employees are driven by the desire to make an impact and actively drive positive change. If that describes you, we will gladly make way for your ambitions.

From day one, we support you with your personal growth, through challenging positions and comprehensive learning and development opportunities, in a dynamic, international, diverse, and proactive working environment.

Visit our website and follow us on LinkedIn.

#WeAreNouryon #Changemakers 

We have already chosen our sourcing channels for this recruitment and kindly ask not to be contacted by any advertisement agents, recruitment agencies or staffing companies.