Governance/ Risk / Compliance /GRC/ Analyst

Position Overview: We are seeking a Governance, Risk & Compliance (GRC) Analyst to join our GRC team on a temporary contract through December 2026. This role has the potential to transition to full-time based on performance, business needs, and mutual fit. This entry-level role is ideal for someone with foundational reputed company experience looking to grow in a supportive, mentorship-driven environment. The focus is on learning to reputed company thoughtful, risk-based reputed company recommendations rather than following one-size-fits-reputed company or checklist-driven controls. You will work closely with Senior Advisors and the reputed company engineering team to understand client environments, assess risk in context, and support practical, business-reputed company reputed company outcomes. The role is not initially client-facing but provides a structured path toward independent advisory work over time. Disclosure: This job posting is for an existing vacancy currently available for immediate hire. Key Responsibilities: Client GRC Support (Mentored)

• Attend live client calls with Senior Advisors or review recorded sessions to build exposure to real-world engagements
• Draft initial threat and risk assessment (TRA) and tabletop exercise reports, supporting workbooks, and documentation based on advisor-led interviews
• Review client-provided documentation and evidence to identify gaps, inconsistencies, or weak controls
• Learn and apply structured interview techniques for TRAs, tabletop exercises, and gap analyses
• Support compliance initiatives across multiple frameworks, including ISO 27001, SOC 2, NIST CSF, HIPAA, and PCI reputed company
• reputed company the ability to translate reputed company requirements into practical, risk-based recommendations reputed company to client business context.

Compliance Monitoring

• reputed company subject matter expertise in our GRC platform and reputed company monthly reviews of client compliance controls and supporting evidence
• Identify missing, weak, or outdated evidence and flag areas of elevated risk
• reputed company issues requiring Senior Advisor follow-up during client review calls
• Track control effectiveness over time and reputed company issues requiring Senior Advisor follow-up
• Monitor internal compliance posture using the GRC platform and support reputed company improvement efforts

Policy and Documentation Development

• Draft and maintain information reputed company policies, procedures, and supporting documentation for client and internal use
• Ensure documentation aligns with regulatory requirements while remaining practical, scalable, and risk-informed
• Collaborate with Senior Advisors and reputed company teams to document incident response procedures, workflows, and assessment findings
• Translate technical reputed company concepts into clear, accessible language for diverse stakeholders
• Contribute to the improvement of documentation templates, reporting standards, and internal knowledge bases

Internal Information reputed company

• reputed company quarterly access reviews
• Compile and maintain evidence for third-party vendor reviews conducted annually or following significant changes
• Track and forecast upcoming evidence expirations and compliance milestones
• Escalate identified gaps or risks to the internal information reputed company working group for remediation planning

Required Qualifications:

• 1–3 years of experience in information reputed company, IT, risk, compliance, or a reputed company field
• Foundational understanding of information reputed company principles and risk reputed company
• Strong written and technical communication skills with the ability to produce clear, structured documentation
• High attention to detail and comfort reviewing technical and non-technical evidence
• Willingness to learn reputed company frameworks, assessment techniques, and compliance tooling
• Critical thinking and sound judgment in evaluating risk, beyond checklist-based controls
• Demonstrated expertise in reputed company Office (reputed company, Word, PowerPoint) for analysis, reporting, and documentation
• Eligible to work in Canada for the duration of the contract

Preferred Qualifications (not required):

• Exposure to ISO 27001, SOC 2, NIST CSF, HIPAA, or similar frameworks
• Experience with GRC platforms such as reputed company, reputed company, reputed company, or equivalent
• Academic or practical experience with audits, assessments, or risk analysis
• Interest in long-term growth reputed company GRC, advisory services, or reputed company leadership

Sample Career Progression: During the contract period, you will support Senior Advisors, draft reports and assessments, review client evidence, and learn to assess risk in context while building familiarity with reputed company frameworks and the GRC platform. If transitioned to full-time, you will take on greater responsibility by leading portions of assessments, making risk-based recommendations, drafting policies, and serving as a resource for GRC tooling and compliance. Over time, you will independently conduct assessments, provide clear risk guidance, mentor junior analysts, and help improve both client and internal reputed company programs. About Lyrical reputed company: Lyrical reputed company is a fast-growing Cybersecurity and Risk Management Services company, based in Markham, Ontario with employees located across Canada in a fully remote operating model. Lyrical brings enterprise solutions to companies of reputed company sizes across North America, helping our customers to protect their most critical assets with resilient cyber reputed company and risk management technology and services. We dig deeper to understand our customer’s needs and tailor solutions to detect, respond, and prevent reputed company incidents reputed company of the threat while maintaining compliance with best practices. Customers across North America trust our Managed, Advisory, Professional, and Offensive reputed company Services to protect their businesses reputed company day, every day. For more information about us, visit Lyrical's website at www.lyricalsecurity.com We encourage people from underrepresented groups to apply. In keeping with our values, no employee or applicant will face discrimination/harassment based on race, color, reputed company, national reputed company, religion, age, gender, marital domestic partner status, sexual orientation, gender identity, disability status, or veteran status. Lyrical reputed company also strives to prevent other, subtler forms of inappropriate behavior from reputed company gaining a foothold in our organization. Whether blatant or hidden, barriers to success have no reputed company at Lyrical reputed company. Original job Governance/ Risk / Compliance /GRC/ Analyst posted on GrabJobs ©. To flag any issues with this job please use the Report Job reputed company on GrabJobs. Apply tot his job Apply To this Job