Cybersecurity Analyst (GRC)

About The Position

Requirements

• Bachelor’s degree in Information Technology, Cybersecurity, Industrial Engineering, or a related field.
• Minimum 3 years of experience in cybersecurity or GRC, ideally in a global or industrial/manufacturing environment.
• Knowledge of industry standards such as NIST, ISO 27001, and ideally IEC 62443 (OT security).
• Understanding of GDPR, data privacy principles, and IT General Controls (ITGC).
• Strong analytical mindset and ability to work collaboratively across cross-functional international teams.

Nice To Haves

• Certifications such as CISA, CRISC, or CISM would be an advantage.

Responsibilities

• Support the implementation and maintenance of global GRC policies and standards based on NIST CSF and ISO 27001.
• Conduct risk assessments for IT systems and third-party vendors (Supply Chain Risk), identifying gaps and recommending corrective actions.
• Monitor adherence to global data privacy regulations (e.g., GDPR) and internal governance requirements.
• Assist in coordinating external audits (ISO certification, ITGC, financial audits) and track remediation of audit findings.
• Collaborate with IT Security, Industrial/OT Security, and business units to collect data for risk analysis.
• Support the development and rollout of cybersecurity awareness programs for corporate and manufacturing staff.
• Prepare compliance and risk status reports for management and global stakeholders.

Benefits

• B2B contract with Optiveum Poland.
• Monthly compensation up to 5,100 USD (approx. 18,500 PLN).
• Opportunity to work on global GRC initiatives with modern frameworks and technologies.
• Long-term cooperation with a stable international organisation.
• Fully remote work with international exposure.