GRC Specialist

Overview

Manage daily GRC tasks: audit evidence, security questionnaires, risk register upkeep.

Key Responsibilities

• risk register
• audit tracking
• evidence collection
• questionnaire coordination
• dashboards
• policy exceptions

Tasks

-Support the Risk & Compliance Lead in responding to auditor and assessor queries. -Collaborate with technical owners (Engineering, IT, Product) to provide accurate answers. -Maintain a knowledge base of pre-approved responses to accelerate RFPs and renewals. -Ensure risk data is kept current for reporting cycles. -Update and maintain the cyber risk register in coordination with the Risk & Compliance Lead. -Track remediation items from audits, ensuring timely closure with responsible teams. -Record new risks, assign owners, and track remediation/progress. -Collect and organize evidence for SOC2 and other internal audits. -Coordinate responses to customer and third-party security questionnaires. -Highlight overdue risks, audit items, or exceptions to the Risk & Compliance Lead. -Contribute data for quarterly risk and compliance dashboards. -Provide metrics on questionnaire volumes, audit findings, and remediation timelines. -Ensure responses are consistent with SOC2 reports and company policy. -Document Policy Exception Risk Acceptance (PERA) approvals and expirations. -Maintain a repository of reusable audit evidence to streamline future cycles.

Requirements

• servicenow
• archer
• soc2
• iso 27001
• it audit
• written communication

What You Bring

-Clear written communication for client questionnaires and reports. -Ability to manage multiple concurrent requests and deadlines. -Experience using GRC platforms (ServiceNow GRC, Archer, or equivalent). -Exposure to vendor/supplier risk assessments. -Experience in IT audit, compliance, or GRC operations. -Experience in SaaS, data analytics, or regulated industries. -Strong organizational skills for evidence collection and tracking. -Familiarity with audit frameworks (SOC2, ISO 27001, GDPR).

People Also Searched For

About Wood Mackenzie

-Pivoted in 1973 to pioneering energy research with its first oil report. -Over five decades evolved into a global consultancy powering decisions in energy, chemicals, metals, mining and renewables. -Its Lens platform spans power, hydrogen, carbon, LNG, maritime and more—turning vast datasets into strategic foresight. -Typical projects include asset valuation, project economics, supply‑chain intelligence and portfolio optimization. -With 30+ offices and a presence across energy value chains, it guides governments, producers and financial institutions. -Stands out by integrating legacy upstream expertise with cutting‑edge analytics across renewables and transition fuels. -Notable for weaving real‑time vessel tracking and carbon insights alongside decades‑deep commodity research.

Sector Specialisms