Governance Risk and Compliance I Analyst II at Vertiv
Mandaluyong, Metro Manila, Philippines
Full Time


Start Date

Immediate

Expiry Date

12 Apr, 26

Salary

0.0

Posted On

12 Jan, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Governance, Risk Management, Compliance, IT Security, Risk Assessments, Audit Support, Third-Party Risk, Documentation, Collaboration, Communication, GRC Tools, ISO 27001, NIST CSF, ServiceNow, Microsoft Office, CISA

Industry

Electrical, Appliances, and Electronics Manufacturing

Description
Job Title: GRC Analyst
Division: Governance, Risk & Compliance – IT Security

Position Summary
We are seeking a GRC Analyst to support our Governance, Risk, and Compliance services across a global enterprise. The role involves direct execution of risk assessments, third-party risk reviews, audit support, and internal compliance activities. The ideal candidate is proactive, has a working knowledge of compliance frameworks and GRC tools, and demonstrates excellent collaboration, organization, and communication skills.

Key Responsibilities
• Conduct and document IT risk assessments and track mitigation plans.
• Maintain the risk register and support periodic risk revalidation with risk owners.
• Perform third-party risk assessments using OneTrust, SecurityScorecard, or similar platforms.
• Support responses to customer security questionnaires and audits using Loopio.
• Review and process exemption and exception requests using ServiceNow.
• Support and coordinate activities for ITGC audits (SOX, ISO 27001, SSAE18).
• Assist with preservation hold reviews and coordinate with Legal on related activities.
• Monitor risks for aging or inactivity and trigger reassessments and follow-ups as needed.
• Track control and audit findings and work with stakeholders to ensure remediation activities are executed.
• Contribute to process improvement efforts, SOP updates, and documentation of best practices.
• Collaborate with senior analysts to track and report GRC KPIs and metrics to leadership.

Qualifications
• Bachelor’s degree in Information Systems, Cybersecurity, Business, or related field.
• 3–5 years of experience in IT GRC, audit support, or information security.
• Familiarity with compliance frameworks such as ISO 27001, NIST CSF, SOX, and SSAE18.
• Experience with GRC tools such as OneTrust, ServiceNow, SecurityScorecard, or AuditBoard.
• Understanding of ITGCs, UAR/TERM, and common risk and control practices.
• Proficiency in Microsoft Office tools, especially Excel and PowerPoint.
• Effective communication, coordination, and documentation skills.
• Certifications such as CISA, ISO 27001 Lead Implementer, or equivalent (preferred).

Responsibilities
The GRC Analyst will conduct IT risk assessments, maintain the risk register, and support audit activities. They will also track control findings and collaborate with stakeholders to ensure remediation.