Governance, Risk, and Compliance (GRC) Analyst

Описание вакансии

­Led by an experienced management team and supported by a strong investor group, including large and experienced institutions and strategic partners, EdgeConneX offers a dynamic, fast-paced work environment where we are bringing flexibility, proximity, power, and connectivity to some of the world’s key businesses. With major offices in Herndon, Denver, and Amsterdam, we have a global footprint and a unified team of employees committed to providing a premier customer experience and delivering the full spectrum of data center solutions, from core to edge, like no other data center provider can do.

Focused on driving innovation and helping our customers define and deliver their own unique vision for the Edge, at any scale, in any market worldwide, for any requirement, we are building tomorrow’s data center infrastructure, today for some of the world’s most demanding Network, Content, and Cloud customers.

We are seeking a highly motivated and experienced Governance, Risk, and Compliance (GRC) Analyst to join our team. The ideal candidate will have at least five years of experience in GRC or IT risk, a bachelor’s degree or higher in a related field, and professional certifications in GRC or cybersecurity. As a GRC Analyst, you will play a pivotal role in ensuring our organization adheres to regulatory requirements, manage risks effectively, and maintain robust governance practices for industry standards, frameworks and international data protection law.

Responsibilities:

• Develop, implement, and maintain governance, risk, and compliance frameworks, policies, standards and procedures.
• Conduct risk assessments and analyze potential threats to the organization’s information systems and business operations.
• Monitor compliance with internal policies and external regulatory requirements (e.g., NIS2, DORA, ISO27001, AICPA Trust Principles, NIST, CIS, GDPR, SOX, HIPAA).
• Track changes to regional data protection law in the regions where EdgeConneX operates (APAC, EU, North America and South America)
• Collaborate with cross-functional teams to identify, assess, and mitigate risks across the organization.
• Maintain risk registers, compliance metrics, and reporting dashboards
• Support third-party risk management and vendor security assessments
• Prepare and present regular reports on risk management activities, compliance status, and remediation efforts to management.
• Support internal and external audits, including gathering documentation and facilitating audit processes.
• Stay up to date with changes in relevant laws, regulations, and industry best practices.
• Assist in the development and delivery of training programs related to governance, risk, and compliance topics.
• Contribute to continuous improvement of GRC processes and tooling

Required education & experience:

• Bachelor’s degree or higher in Information Security, Computer Science, Business Administration, or a related field.
• Minimum of 5 years of professional experience in governance, risk, and compliance or a related discipline.
• Professional certifications such as CISA, CRISC, CISSP, CISM, ISO27001LA or similar are required.
• Strong understanding of regulatory requirements and frameworks (e.g., ISO 27001, NIST, PCI DSS).
• Risk assessment methodologies and control testing
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to work collaboratively across departments.
• Experience with:

+ Policy development and lifecycle management

+ Third-party/vendor risk assessments

+ GRC tools and risk management platforms (e.g., DRATA, VANTA, Archer, OneTrust)

• Detail-oriented and highly organized, with a proactive approach to identifying and managing risks.

Preferred experience:

• Experience with GRC software platforms and tools.
• Project management experience or certification.
• Experience in a regulated industry (e.g., datacenter, finance, technology).
• Ability to train and mentor junior staff.

EdgeConneX believes inclusion – of thought, backgrounds and experiences – affects all that we do, from our employees to the solutions we deliver. Our goal is to create an environment where embracing differences helps deepen the lives and work experience of our employees, enhances our innovation and creativity, and enriches our involvement in our communities. EdgeConneX is an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin or ancestry, physical or mental disability, as well as any other category protected by applicable federal, state, or local laws.

EdgeConneX offers a competitive benefits package.

For more information on how we process your data, visit our Data Privacy Policy here.