Cyber Risk & Compliance Analyst ensuring client compliance and cybersecurity governance. Collaborates across teams to manage RFPs, contracts, and third-party risk management processes.
Responsibilities
Review cybersecurity-related sections of client RFPs and security questionnaires.
Gather and align internal documentation to ensure accurate, consistent, and defensible responses.
Coordinate with subject matter experts to validate technical and compliance statements.
Ensure responses reflect current certifications, controls, and commitments.
Review contracts to identify cybersecurity, data protection, and compliance-related clauses.
Assess alignment between contractual obligations and existing security controls.
Escalate gaps or misalignments to Security and Legal for resolution.
Maintain traceability of contractual security commitments.
Coordinate internal stakeholders to complete vendor or client security questionnaires.
Track questionnaire status, deadlines, and follow-ups.
Ensure timely and structured responses.
Support evidence collection and documentation for third-party reviews.
Maintain organized repositories of policies, certifications, audit reports, and evidence.
Ensure documentation is up to date and reusable for future engagements.
Support audit preparation activities when required.
Contribute to process improvement initiatives within GRC.
Monitor RFP, contract, and TPRM workflow status.
Provide status updates to management.
Identify recurring issues or process bottlenecks.
Requirements
Bachelor’s degree in IT, telecommunications, computer science, information security, or related field.
2-5 years of experience in cybersecurity, risk management, audit or compliance.
Good communication skills.
Strong knowledge of information security frameworks and standards (ISO 27001, NIST CSF, GDPR).
Exposure to RFP processes or client-facing compliance documentation is a plus.
GRC Engineer at Ouro handling risk assessments and compliance engineering for cloud services. Collaborating with teams to ensure security control effectiveness across applications and infrastructure.
Regulatory Operations Analyst supporting SEU Operations Risk department with regulatory compliance across licensed jurisdictions. Engaging in multi-jurisdictional work and maintaining regulatory controls.
Associate Manager developing and managing investigations and consulting cases at Kroll. Collaborating with teams to ensure quality and compliance across diverse cases.
Senior Regulatory Engineer responsible for regulatory strategies and agency interactions at Johnson Controls. Collaborating on new product approvals and maintaining compliance with existing products.
Regulatory and Quality Specialist supporting compliance strategy for medical devices in R&D. Collaborating with design teams to ensure quality and regulatory adherence.
Compliance & Oversight Lead Manager facilitating GILA business processes and data quality. Ensuring compliance with labeling activities in a global pharmaceutical environment.
Manager in US Regulatory Advertising and Promotion at Pfizer supporting regulatory guidance and strategic review of promotional communications. Mentoring junior staff while ensuring compliance with regulatory standards.
Senior GRC Consultant consulting clients on GRC software RiMaGo and implementing risk strategies. Collaborating with development team and conducting training sessions in GRC.
Senior Compliance Officer at Absa providing compliance support and risk management in the banking sector. Leading compliance initiatives and regulatory relationship management.
Compliance Manager supporting RTX's Anti-Bribery & Anti-Corruption Program at the largest aerospace and defense company. Ensuring compliance with various international anti-corruption laws and regulations.