Morgan McKinley has partnered with a leading financial services organization as they look to hire an IT GRC Analyst. The role supports critical IT governance, risk, and compliance operations across Ireland and the wider European network.
This is an exciting opportunity to join a high-performing team and play a pivotal role in ensuring adherence to regulatory standards (including DORA, GDPR, ISO 27001) while embedding robust risk management and governance frameworks.
Key Responsibilities
- Governance
  - Support the development and implementation of IT GRC policies, processes, and guidelines.
  - Monitor IT governance practices and align them with business goals.
  - Contribute to the continuous improvement of IT governance initiatives across the organization.
- Risk Management
  - Act as Local Information Risk Officer (LIRO) to identify and mitigate IT risks.
  - Coordinate IT audits and compliance reviews as the single point of contact (SPOC).
  - Maintain the IT risk register and perform regular Protection Need and ITSCM analyses.
- Compliance
  - Ensure adherence to relevant legal and regulatory standards (e.g., GDPR, ISO 27001, DORA).
  - Develop and maintain internal policies and oversee compliance review cycles.
  - Report internal control (ICS) activity to HQ compliance stakeholders.
- Incident Management
  - Collaborate with HQ CERT and vulnerability management teams on IS incidents.
  - Support incident resolution and remediation with local IT and business teams.
- Training & Awareness
  - Drive training initiatives to enhance GRC understanding across teams.
  - Offer guidance on best practices in IT governance, risk, and compliance.
- Documentation & Reporting
  - Maintain GRC documentation and generate regular performance and incident reports.
  - Support reporting efforts for the Information Security Board.
- Identity & Access Management (IAM)
  - Enforce IAM policies and conduct periodic access reviews and rectification.
  - Monitor and respond to security vulnerabilities, following best practices and group standards.
Requirements
- Education & Experience
  - Bachelor's degree in IT, Computer Science, or related discipline.
  - 3-5 years of experience in IT GRC, IT audit, or a similar field.
  - Certifications such as CISA, CRISC, CISSP are advantageous but not essential.
- Skills & Competencies
  - Strong grasp of IT governance frameworks (e.g., COBIT, ITIL).
  - Experience with risk management methodologies and compliance tools.
  - Proven track record of regulatory implementation (DORA experience is a strong plus).
  - Excellent communication, problem-solving, and analytical skills.
  - Ability to work both independently and collaboratively.
  - Familiarity with IAM, vulnerability management, and cloud/information security.
If the above matches you, apply or reach out directly for a confidential chat.
