Cybersecurity GRC Analyst

Discover your 100% YOU with MicroSourcing

Position: Cybersecurity GRC Analyst

Location: MoA, Pasay, Philippines

Work setup & shift: Hybrid | Dayshift

**Why join MicroSourcing?

You'll have:**

• Competitive Rewards: Enjoy above-market compensation, healthcare coverage on day one, plus one or more dependents, paid time-off with cash conversion, group life insurance, and performance bonuses
• A Collaborative Spirit: Contribute to a positive and engaging work environment by participating in company-sponsored events and activities.
• Work-Life Harmony: Enjoy the balance between work and life that suits you with flexible work arrangements.
• Career Growth: Take advantage of opportunities for continuous learning and career advancement.
• Inclusive Teamwork: Be part of a team that celebrates diversity and fosters an inclusive culture.

Your Role:

As a Cybersecurity GRC Analyst, you will:

Key Responsibilities:

• Governance & Policy Management

• o Develop, review, and maintain cybersecurity policies, standards, and procedures.

• o Ensure alignment with industry frameworks (e.g., NIST CSF 2.0, ISO 27001, CIS Controls, etc.).

• Risk Management

• o Conduct risk assessments and control evaluations across systems, applications, and processes.

• o Maintain and update the risk register, track mitigation plans, and report on risk posture.
• o Track and report security exceptions, findings, and remediation activities.

• Compliance & Audit

• o Support internal and external audits, including evidence collection and remediation tracking.

• o Monitor compliance with regulatory requirements (e.g., PCI-DSS, Privacy Act, etc.).
• o Assist in third-party risk assessments and vendor due diligence.

• Security Awareness & Training

• o Contribute to the development and delivery of cybersecurity awareness programs.

• o Promote a culture of security and compliance across the organisation.

• Reporting & Metrics

• o Prepare regular reports and dashboards on GRC activities, risk trends, and compliance status.

• o Monitor and report on cybersecurity metrics, control effectiveness, and regulatory compliance.

• Incident Response

• o Assist in incident response and post-incident reviews from a compliance and governance perspective.

Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, or a related field.
• 2–5 years of experience in cybersecurity governance, risk management, or compliance.
• Familiarity with GRC tools (e.g., OneTrust, Vanta, Drata, etc.).
• Understanding of regulatory and industry standards (e.g., ISO 27001, NIST CSF, SOC 2).
• Strong analytical, communication, and documentation skills.
• Certifications such as CISA, CRISC, or ISO 27001 Lead Implementer/Lead Auditor are a plus.

Technical Skills:

• Strong working knowledge of Cybersecurity/Information Security Frameworks such as NIST CSF, ISO27001, etc.
• Understanding of risk assessment methodologies and cybersecurity principles.
• Familiarity with SIEM, DLP, IAM, vulnerability management tools, and endpoint protection platforms.
• Competence in using Excel, Power BI, or similar tools to analyse data and generate dashboards and reports.
• Familiarity with using ticketing systems such as JIRA.
• Ability to support internal and external audits, perform control testing, and monitor compliance metrics.
• Understanding of Privacy Frameworks such as the (Australian) Privacy Act 1988, (Victorian) Privacy and Data Protection Act 2014, GDPR, etc. is desirable.

About MicroSourcing

With over 9,000 professionals across 13 delivery centers, MicroSourcing is the pioneer and largest offshore provider of managed services in the Philippines.

Our commitment to 100% YOU

MicroSourcing firmly believes that our company's strength lies in our people's diversity and talent. We are proud to foster an inclusive culture that embraces individuals of all races, genders, ethnicities, abilities, and backgrounds. We provide space for everyone, embracing different perspectives, and making room for opportunities for each individual to thrive.

At MicroSourcing, equality is not merely a slogan – it's our commitment. Our way of life. Here, we don't just accept your unique authentic self - we celebrate it, valuing every individual's contribution to our collective success and growth. Join us in celebrating YOU and your 100%

For more information, visit

*Terms & conditions apply