CyberSecurity (GRC) Analyst

GRC Analyst

Location: Remote (Poland)Contract

Type: B2B through Optiveum Poland

Salary: Up to 5,100 USD / month (approx. 18,500 PLN)

Our Client is a global organization with complex commercial and manufacturing operations across multiple regions. The company places a strong emphasis on cybersecurity, operational resilience, and data protection. As part of their expanding Governance, Risk & Compliance (GRC) function, they are looking for a motivated GRC Analyst to support ongoing global initiatives and strengthen their governance frameworks. 

Role Overview

As a GRC Analyst, you will help enhance the organisation’s global cybersecurity posture by supporting governance processes, risk assessments, compliance monitoring, and audit readiness. You will work closely with IT, Operational Technology (OT), and business teams to ensure alignment between security controls and organisational goals.

Key Responsibilities

• Support the implementation and maintenance of global GRC policies and standards based on NIST CSF and ISO 27001.

• Conduct risk assessments for IT systems and third-party vendors (Supply Chain Risk), identifying gaps and recommending corrective actions.

• Monitor adherence to global data privacy regulations (e.g., GDPR) and internal governance requirements.

• Assist in coordinating external audits (ISO certification, ITGC, financial audits) and track remediation of audit findings.

• Collaborate with IT Security, Industrial/OT Security, and business units to collect data for risk analysis.

• Support the development and rollout of cybersecurity awareness programs for corporate and manufacturing staff.

• Prepare compliance and risk status reports for management and global stakeholders.

Qualifications & Skills

• Bachelor’s degree in Information Technology, Cybersecurity, Industrial Engineering, or a related field.

• Minimum 3 years of experience in cybersecurity or GRC, ideally in a global or industrial/manufacturing environment.

• Knowledge of industry standards such as NIST, ISO 27001, and ideally IEC 62443 (OT security).

• Understanding of GDPR, data privacy principles, and IT General Controls (ITGC).

• Strong analytical mindset and ability to work collaboratively across cross-functional international teams.

• Certifications such as CISA, CRISC, or CISM would be an advantage.

What We Offer (via Optiveum Poland)

• B2B contract with Optiveum Poland.

• Monthly compensation up to 5,100 USD (approx. 18,500 PLN).

• Opportunity to work on global GRC initiatives with modern frameworks and technologies.

• Long-term cooperation with a stable international organisation.

• Fully remote work with international exposure.