Key Facts

Remote From:

Estonia, Hungary, Bulgaria, Poland, Romania, Portugal, Slovakia

Full time

Mid-level (2-5 years)

61 - 61K yearly

Hard Skills

Other Skills

•
Analytical Thinking

Roles & Responsibilities

Bachelor's degree in Information Technology, Cybersecurity, Industrial Engineering, or related field.
Minimum 3 years of experience in cybersecurity or GRC, ideally in a global or industrial/manufacturing environment.
Knowledge of industry standards (NIST CSF, ISO 27001, IEC 62443 for OT) and GDPR/data privacy principles with IT General Controls (ITGC).
Certifications such as CISA, CRISC, or CISM would be advantageous.

Requirements:

Support the implementation and maintenance of global GRC policies and standards based on NIST CSF and ISO 27001.
Conduct risk assessments for IT systems and third-party vendors (supply chain risk), identifying gaps and recommending corrective actions.
Monitor adherence to GDPR and internal governance requirements; assist in coordinating external audits (ISO certification, ITGC, financial audits).
Prepare compliance and risk status reports for management and global stakeholders.

Optiveum

Human Resources, Staffing & Recruiting

About Optiveum

Based on our own over 20 years of international experience in the field of IT recruitment and outsourcing, training, labor law, process optimization and consulting , we help companies that plan to develop operations in Poland and Central and Eastern Europe. We support companies (IT and other Tech Industries; including startups) to come and grow in Poland/ Central Europe by building up teams (mainly IT & Sales); go-to-market strategies; sales outsourcing; legal advice. Contact us to learn how we can help you enter and thrive in Central Europe: info (at) optiveum.com

Company type: Startup

Industry: Human Resources, Staffing & Recruiting

Founded: 2018

Company size: 2 - 10

Website LinkedIn See all jobs →

Job description

GRC Analyst

Location: Remote (Poland)
Contract Type: B2B through Optiveum Poland
Salary: Up to 5,100 USD / month (approx. 18,500 PLN)

Our Client is a global organization with complex commercial and manufacturing operations across multiple regions. The company places a strong emphasis on cybersecurity, operational resilience, and data protection. As part of their expanding Governance, Risk & Compliance (GRC) function, they are looking for a motivated GRC Analyst to support ongoing global initiatives and strengthen their governance frameworks.

Role Overview

As a GRC Analyst, you will help enhance the organisation’s global cybersecurity posture by supporting governance processes, risk assessments, compliance monitoring, and audit readiness. You will work closely with IT, Operational Technology (OT), and business teams to ensure alignment between security controls and organisational goals.

Key Responsibilities

Support the implementation and maintenance of global GRC policies and standards based on NIST CSF and ISO 27001.
Conduct risk assessments for IT systems and third-party vendors (Supply Chain Risk), identifying gaps and recommending corrective actions.
Monitor adherence to global data privacy regulations (e.g., GDPR) and internal governance requirements.
Assist in coordinating external audits (ISO certification, ITGC, financial audits) and track remediation of audit findings.
Collaborate with IT Security, Industrial/OT Security, and business units to collect data for risk analysis.
Support the development and rollout of cybersecurity awareness programs for corporate and manufacturing staff.
Prepare compliance and risk status reports for management and global stakeholders.

Qualifications & Skills

Bachelor’s degree in Information Technology, Cybersecurity, Industrial Engineering, or a related field.
Minimum 3 years of experience in cybersecurity or GRC, ideally in a global or industrial/manufacturing environment.
Knowledge of industry standards such as NIST, ISO 27001, and ideally IEC 62443 (OT security).
Understanding of GDPR, data privacy principles, and IT General Controls (ITGC).
Strong analytical mindset and ability to work collaboratively across cross-functional international teams.
Certifications such as CISA, CRISC, or CISM would be an advantage.

What We Offer (via Optiveum Poland)

B2B contract with Optiveum Poland.
Monthly compensation up to 5,100 USD (approx. 18,500 PLN).
Opportunity to work on global GRC initiatives with modern frameworks and technologies.
Long-term cooperation with a stable international organisation.
Fully remote work with international exposure.