GRC Analyst

SUMMARY:
Our client is looking for a detail-oriented GRC Analyst to join their team and strengthen governance, risk, and compliance activities in a regulated financial services environment. This role is central to ensuring that ICT and security controls operate effectively, risks are managed accurately, and regulatory obligations are consistently met.

POSITION INFO:
🌟 Role Overview
As a GRC Analyst, you will:

• Support governance frameworks aligned to ISO/IEC 27001, NIST CSF, GDPR, DORA, and Joint Standard 2.
• Maintain control mappings and evidence to support audits and regulatory reviews.
• Perform ICT and information security risk assessments, updating risk registers and tracking remediation.
• Assist with compliance activities across POPIA, GDPR, DORA, and Joint Standard 2.
• Support third-party and outsourcing risk assessments, due diligence, and supplier compliance.
• Contribute to incident management, resilience testing, and post-incident reviews.
• Provide audit and assurance support, producing risk and compliance reporting for management forums.
• Collaborate with IT, cloud, security, and risk teams to embed compliance by design.

🎯 What We’re Looking For
Essential Skills & Experience

• Practical experience with ISO/IEC 27001 & 27002 and NIST CSF.
• Knowledge of POPIA, GDPR, DORA, and Joint Standard 2.
• 2–3 years’ experience in GRC, Information Security, Risk, or Compliance.
• Exposure to ICT risk, cyber risk, or technology compliance in financial services.

Preferred Certifications

• ISO/IEC 27001 Foundation, Implementer, or Auditor.
• CGRC or similar.
• Financial services or risk-focused certifications.

Soft Skills

• Strong attention to detail and documentation discipline.
• Analytical, structured, and risk-based thinking.
• Clear communication with both technical and non-technical stakeholders.
• Integrity, accountability, and a collaborative mindset.

This is an exciting opportunity to work at the intersection of cybersecurity, compliance, and financial services. You’ll play a key role in safeguarding resilience, supporting regulatory obligations, and embedding a strong governance culture across the organisation.

Apply now!
For more IT jobs, please visit I also specialise in recruiting in the following:

Software Development
Data Engineer
Data Analyst
Infrastructure
Architecture
... and more!

If you have not had any response in two weeks, please consider the vacancy application unsuccessful. Your profile will be kept on our database for any other suitable roles / positions.

For more information contact:
Evandria Rademeyer
Researcher