GRC Specialist

Overview

Day-to-day execution of GRC activities: audits, evidence, questionnaires, risk register.

Key Responsibilities

• remediation tracking
• technical collaboration
• evidence management
• risk register
• questionnaire response
• metrics reporting

Tasks

-Track remediation items from audits, ensuring timely closure with responsible teams. -Collaborate with technical owners (Engineering, IT, Product) to provide accurate answers. -Support the Risk & Compliance Lead in responding to auditor and assessor queries. -Ensure responses are consistent with SOC2 reports and company policy. -Maintain a repository of reusable audit evidence to streamline future cycles. -Collect and organize evidence for SOC2 and other internal audits. -Contribute data for quarterly risk and compliance dashboards. -Ensure risk data is kept current for reporting cycles. -Maintain a knowledge base of pre-approved responses to accelerate RFPs and renewals. -Provide metrics on questionnaire volumes, audit findings, and remediation timelines. -Record new risks, assign owners, and track remediation/progress. -Coordinate responses to customer and third-party security questionnaires. -Highlight overdue risks, audit items, or exceptions to the Risk & Compliance Lead. -Update and maintain the cyber risk register in coordination with the Risk & Compliance Lead. -Document Policy Exception Risk Acceptance (PERA) approvals and expirations.

Requirements

• saas
• data analytics
• it audit
• servicenow
• soc2
• risk assessment

What You Bring

-Experience in SaaS, data analytics, or regulated industries. -Ability to manage multiple concurrent requests and deadlines. -Clear written communication for client questionnaires and reports. -Exposure to vendor/supplier risk assessments. -Experience in IT audit, compliance, or GRC operations. -Familiarity with audit frameworks (SOC2, ISO 27001, GDPR). -Strong organizational skills for evidence collection and tracking. -Experience using GRC platforms (ServiceNow GRC, Archer, or equivalent).

People Also Searched For

About Wood Mackenzie

-Pivoted in 1973 to pioneering energy research with its first oil report. -Over five decades evolved into a global consultancy powering decisions in energy, chemicals, metals, mining and renewables. -Its Lens platform spans power, hydrogen, carbon, LNG, maritime and more—turning vast datasets into strategic foresight. -Typical projects include asset valuation, project economics, supply‑chain intelligence and portfolio optimization. -With 30+ offices and a presence across energy value chains, it guides governments, producers and financial institutions. -Stands out by integrating legacy upstream expertise with cutting‑edge analytics across renewables and transition fuels. -Notable for weaving real‑time vessel tracking and carbon insights alongside decades‑deep commodity research.

Sector Specialisms