Job Title: GRC Analyst
We are seeking a highly motivated and skilled GRC Analyst to join our team at Prosource. As a GRC Analyst, you will play a key role in delivering risk management, control, compliance, and assurance programs within our IT systems.
Key Responsibilities:
* Conduct regular assessments to identify potential weaknesses in our IS Control environment
* Liaise with internal and external auditors to ensure timely and accurate provision of information and address any findings or recommendations
* Assist IS teams in completing testing, evidence gathering, and submission to demonstrate Operating and Design effectiveness of controls
* Provide training and input to control assessments to staff where required
* Request and collect SOC1 Type 2 and SOC 2 reports for all SaaS applications
* Connect with IS teams to obtain supporting evidence for OS changes on Infrastructure as well as relevant supporting information for applications
* Connect with various Business teams regarding JML processes, User access matrices, DR/BCP solutions, and relevant supporting evidence for applications
* Work with support partners to gather information, evidence, processes, and other relevant support information for applications
* Support remediation of IS controls, where applicable, for all applications, including establishing recurring requests for audit purposes
* Ensure management of change processes are in place to support relevant IS controls for all applications
* Align with IS database team and support partners to ensure relevant control measures are in place for data integrity, relevance, and maintenance for all applications
* Collaborate with IT teams, business units, and senior management to enhance awareness and understanding of IS principles, practices, and objectives
* Ensure the successful delivery of initiatives and projects within the Governance, Risk, and Compliance environment
* Foster strong working relationships with key stakeholders to promote effective communication, coordination, and alignment of IS GRC initiatives
Requirements:
* Strong knowledge of General IT Controls (GITC) assessments, evidence provision, and control operation
* Experience in risk management and control assessments
* Proven track record in developing policies and procedures
* Proficient in IT governance and quality standards
* Experience working with third-party vendors and on-premise solutions
* Experience with internal infrastructure and database risks and controls
* Familiarity with one or more industry frameworks and standards such as ITIL, COBIT, NIST Cybersecurity Framework, and ISO 27001
* Strong communication skills, both verbal and written, with the ability to present technical information to non-technical stakeholders effectively
* Advanced Microsoft 365 skills (Excel/PowerPoint) are preferred
* Demonstrated ability to work independently, manage multiple priorities, and meet deadlines in a fast-paced environment
* Ability to influence and collaborate with cross-functional teams
About Us:
Prosource is a professional services provider in technology. We recognize the importance of people and business process in the successful adoption of technology and change. Our readiness to embrace and apply change comes from our people, and we offer a variety of business services across the lifespan of successful technological deployment and adoption.
We are a people-centered business with a global workforce of 500 plus staff and contractors. Our values are central to what we do and how we do it. We feel they are simple and easy to relate to, and we are always looking to welcome new people to the team who share our vision and values.