Cybersecurity GRC, Governance, Risk & Compliance Analyst

This is a fully remote position, open to applicants in Nigeria.

📋 Description

• Develop, review, and uphold information security policies, standards, and procedures.

• Ensure conformity with industry frameworks such as ISO 27001, NIST CSF, and CIS Controls.

• Assist in the execution and oversight of security governance programs.

• Propel security awareness initiatives and foster a culture of compliance.

• Perform risk assessments at the enterprise, vendor, application, and infrastructure levels.

• Maintain and refresh the organization’s risk register.

• Conduct control gap assessments and suggest remediation strategies.

• Aid in third-party/vendor risk management processes.

• Monitor and report on risk treatment plans and the progress of mitigation efforts.

• Ensure compliance with regulatory and industry mandates such as PCI DSS, SOC 2, and GDPR.

• Organize internal and external audits, including evidence gathering and walkthroughs.

• Oversee compliance status and monitor the resolution of audit findings.

• Help create compliance reports and dashboards for management.

• Collaborate with security and IT teams to guarantee effective implementation of controls.

• Assist in incident response from the compliance and reporting perspectives.

• Support control testing and continuous monitoring activities.

• Keep precise documentation of policies, risk assessments, and control activities.

• Carry out other tasks as assigned by the CISO.

⛳️ Requirements

• 2–4 years of experience in cybersecurity, IT risk, compliance, or audit.

• A minimum of a Bachelor’s degree is required.

• Strong knowledge of information security frameworks and standards including ISO 27001, NIST, SOC 2, and PCI DSS.

• Experience with risk assessment methodologies and control frameworks.

• Familiarity with regulatory requirements applicable to the industry, such as financial services and data protection laws.

• Experience using Governance, Risk, and Compliance (GRC) tools.

• Excellent communication and interpersonal abilities.

• A positive attitude is essential.

• Capability to manage stress effectively and engage positively with others.

• Key Skills:

• Strong analytical and risk assessment capabilities.

• Attention to detail and proficient documentation skills.

• Exceptional communication and stakeholder management abilities.

• Ability to convey technical risks in terms of business impacts.

• Strong organizational and project management skills.

• A high level of integrity and professionalism.

🏝️ Benefits

• Health insurance.

• Sponsored and tailored training programs.

• Paid parental leave.

• Paid time-off.

• Flexible work arrangements.

• Low-interest loans.

• Group Life Insurance.

• Access to up to four therapy sessions each month.

• A day off to celebrate your birthday 🎂 🎁 🎉.

• Employee interest groups that foster supportive communities within Kora.

• A vibrant company culture and the chance to collaborate with a highly effective team on exciting projects!

**Note: We recognize that imposter syndrome is real - any candidate who may not meet every single requirement of this role is still highly encouraged to apply.**