My client is looking for a GRC Analyst with a minimum of 5 years of experience to join their organisation in Limerick. This is a permanent role.
Key Skills and Experience
- Proven experience in Governance, Risk and Compliance (GRC), Information Security, Risk Management, or a similar governance-focused role.
- Strong knowledge of information security standards, risk management methodologies, compliance frameworks, audit processes, and regulatory requirements, including ISO 27001 and GDPR.
- Experience maintaining risk registers, control frameworks, compliance documentation, audit evidence, policies, and governance records.
- Ability to interpret regulatory and security requirements and translate them into practical business controls, processes, and governance activities.
- Excellent organisational, analytical, and stakeholder management skills, with the ability to work collaboratively across technical and non-technical teams.
- Experience with governance and compliance technologies, data governance, Microsoft Purview, AI governance, or emerging regulatory requirements such as the EU AI Act would be advantageous.
Responsibilities
- Maintain and continuously improve the organisation's governance, risk, and compliance framework, ensuring policies, standards, controls, and procedures remain current, effective, and aligned with regulatory and business requirements.
- Manage enterprise risk activities, including maintaining risk registers, facilitating risk assessments, monitoring treatment plans, and supporting a consistent approach to risk management across the organisation.
- Coordinate compliance and assurance activities by supporting internal and external audits, maintaining evidence, tracking corrective actions, and producing governance and compliance reporting for senior management.
- Oversee the organisation's control framework by ensuring controls are clearly defined, assigned, monitored, regularly reviewed, and supported by appropriate evidence to demonstrate effectiveness.
- Lead data governance activities, including data classification, retention, records management, and protection controls, ensuring information remains secure, compliant, traceable, and audit-ready throughout its lifecycle.
- Support governance of emerging technologies by maintaining AI governance records, monitoring regulatory developments, assessing technology-related risks, and promoting continuous improvement across governance, compliance, and security practices.
