Cybersecurity GRC (Governance, Risk & Compliance) Analyst

About the role

CompanyKora is building the settlement and compliance layer that powers cross‑border payments for financial institutions, fintechs, and enterprises. As a Cybersecurity GRC Analyst you will help ensure that the company’s security policies, controls, and processes meet regulatory requirements, industry standards, and business objectives.

Key responsibilities

• Develop, review, and maintain information security policies, standards, and procedures.
• Align security governance with frameworks such as ISO 27001, NIST CSF, and CIS Controls.
• Conduct enterprise, vendor, application, and infrastructure risk assessments and maintain the risk register.
• Perform control gap assessments, recommend remediation, and track treatment plans.
• Support third‑party risk management, audit coordination, evidence collection, and walkthroughs.
• Monitor compliance posture, report on audit findings, and assist in incident response from a compliance perspective.
• Collaborate with security and IT teams to implement and continuously monitor controls.

Required profile

• 2‑4 years of experience in cybersecurity, IT risk, compliance, or audit.
• Bachelor’s degree or equivalent.
• Strong understanding of information security governance and risk management.

Required skills

• ISO 27001
• NIST CSF
• CIS Controls
• PCI DSS
• SOC 2
• GDPR

What we offer

• Opportunity to work in a fast‑growing global fintech infrastructure.
• Collaborative and inclusive culture focused on positive energy and clear communication.