Governance, Risk & Compliance Analyst

Location: Monterrey, N.L. (Hybrid – 3 days onsite) Employment type: Direct Hire – Full-time, with all benefits required by Mexican law Salary range: Competitive and negotiable based on experience Language: Bilingual (Advanced English – excellent verbal and written communication skills required) We are looking for a GRC Analyst to help strengthen the company’s cybersecurity governance program. This role will focus on building a strong security culture, supporting audit readiness, and enhancing vendor risk management. The ideal candidate will combine knowledge of cybersecurity frameworks with strong interpersonal skills to partner effectively across the organization. Key Responsibilities Policy Governance Support the review and maintenance of internal security policies aligned with frameworks such as SCF, PCI DSS, and ISO 27001. Work with business stakeholders to ensure policies are practical, updated, and audit-ready. Vendor Risk Management & Audits Coordinate annual vendor risk assessments and track remediation of compliance gaps. Assist in preparing documentation for external audits, ensuring timely and accurate responses. Security Awareness & Culture Design and deliver engaging security awareness initiatives to promote secure behaviors. Partner with teams to integrate security practices into daily operations. Cross-Functional Collaboration Collaborate with Legal, Procurement, IT, and business units to embed compliance into business workflows. Act as a trusted advisor on governance and compliance matters across the organization. Reporting & Metrics Maintain reports and dashboards on training completion, audit progress, and vendor compliance status. Provide insights to leadership to drive continuous improvement. Requirements Bachelor’s degree in Business, Information Systems, Cybersecurity, or related field. 4+ years of experience in IT governance, risk & compliance, or audit. Strong knowledge of regulatory frameworks (PCI DSS, NIST CSF, ISO 27001). GRC tools (e.g., OneTrust). Excellent leadership, communication, and stakeholder management skills. Proven ability to manage complex projects, influence without direct authority, and drive cross-functional outcomes. English level: B2 (upper-intermediate) . Benefits Career development plan and continuous learning. Excellent work environment and flexibility. Direct client benefits. Direct hiring. Career development plan. If you’re looking for a place where professional growth goes hand in hand with quality of life, this opportunity is for you!

Creado: Jue, 01 de Ene de 1970