Cyber Risk & Compliance Analyst

Key Responsibilities

• Review cybersecurity-related sections of client RFPs and security questionnaires. 
• Gather and align internal documentation to ensure accurate, consistent, and defensible responses. 
• Coordinate with subject matter experts to validate technical and compliance statements. 
• Ensure responses reflect current certifications, controls, and commitments. 

• Review contracts to identify cybersecurity, data protection, and compliance-related clauses. 
• Assess alignment between contractual obligations and existing security controls. 
• Escalate gaps or misalignments to Security and Legal for resolution. 
• Maintain traceability of contractual security commitments. 

• Coordinate internal stakeholders to complete vendor or client security questionnaires. 
• Track questionnaire status, deadlines, and follow-ups. 
• Ensure timely and structured responses. 
• Support evidence collection and documentation for third-party reviews. 

• Maintain organized repositories of policies, certifications, audit reports, and evidence. 
• Ensure documentation is up to date and reusable for future engagements. 
• Support audit preparation activities when required. 
• Contribute to process improvement initiatives within GRC. 

• Monitor RFP, contract, and TPRM workflow status. 
• Provide status updates to management. 
• Identify recurring issues or process bottlenecks.

Skills, Knowledge & Expertise

• Bachelor’s degree in IT, telecommunications, computer science, information security, or related field. 
• With 2-5  years of experience in cybersecurity, risk management, audit  or compliance. 
• Good communication skills
• Strong knowledge of information security frameworks and standards (ISO 27001, NIST CSF, GDPR). 
• Exposure to RFP processes or client-facing compliance documentation is a plus.
• Office Suite: Advanced