About us:
Amach is an industry-leading technology driven company with headquarters located in Dublin and remote teams in UK and Europe.
Our blended teams of local and nearshore talent are optimised to deliver high quality and collaborative solutions.
Founded in 2013, Amach was created to solve a specific problem in aviation: too much complexity, too little usable intelligence. We help airlines modernise their operating model using cloud, data and Al-delivered by teams with deep aviation domain expertise.
Our goal is to maximize airlines' operational efficiency by optimizing resource use, reduce costs and increase customer experience and satisfaction.
We're hiring a Cyber GRC Analyst to support enterprise-wide governance, risk and compliance activities across a complex technology environment.
This role will focus on cyber risk assessments, security control assurance, regulatory compliance, third-party risk management, and cyber resilience governance. You'll work closely with security, technology and business teams to help strengthen the organisations cyber security posture and ensure alignment with regulatory and industry standards.
Key responsibilities & duties include:
- Perform cyber risk assessments across systems, projects, technology changes, and third-party suppliers
- Conduct structured security control testing and assurance activities against internal and regulatory framework.
- Support governance, risk, compliance, and cyber resilience activities including business continuity and disaster recovery oversight
- Monitor compliance with cyber security policies, standards, and regulatory requirements including NIS2, GDPR, NIST CSF and ISO 27001
- Support internal and external audits, regulatory inspections, and governance reporting
- Track remediation activities, control maturity, and cyber risk metrics
- Collaborate with technical and business stakeholders to ensure risks are identified, managed, and appropriately mitigated
- Support the lifecycle management of cyber security policies, standards, and procedures
- Contribute to continuous improvement initiatives across cyber governance and assurance processes
Required Experience:
- 5+ years’ experience in cyber security, risk management, governance, compliance, or technology assurance
- Hands-on experience performing cyber risk assessments, control testing, or compliance assurance activities
- Strong understanding of risk management principles and security governance practices
- Experience with third-party risk management and supplier assurance
- Familiarity with frameworks and standards such as NIST, ISO 27001, CIS, GDPR, and related regulatory requirements
- Experience supporting audits, assurance reviews, or project/change risk assessments
- Strong written communication and stakeholder management skills
- Ability to manage multiple priorities and work independently in a fast-paced environment
Desirable Experience:
- Experience within regulated industries such as aviation, finance, or critical infrastructure
- Knowledge of secure-by-design principles, cloud security controls, and modern IT environments
- Experience supporting resilience frameworks including BCM, disaster recovery, or cyber recovery
- Familiarity with GRC platforms such as SureCloud, Archer, or ServiceNow GRC
- Knowledge of Power BI
- Relevant certifications such as CISSP, CISA, CRISC, or ISO 27001 Lead Auditor/Implementer
What’s in it for you:
- An opportunity to join a fast-growing company
- Options for career advancement
- Learning and development opportunities
- Flexible working environment
- Competitive salaries based on experience
Equal Opportunity Employer:
Amach is an equal opportunity employer and makes employment decisions on the basis of merit. We celebrate diversity and are committed to creating an inclusive environment for all employees. This job description is intended to convey essential responsibilities and qualifications for this role, but it is not an exhaustive list of tasks that an employee may be required to perform.
If you are passionate about driving customer success, advising on strategic solutions, and contributing to product innovation, we would love to hear from you!
Not for you?
Check out all of our open positions in our careers page and follow us on LinkedIn for future opportunities.
P.S. Share this with friends and co-workers! Don't be afraid they'll steal it from you, if you're amazing and smart we'll find a role for you. We are growing fast and we are always looking for talented people.
At Amach, we strive to be an inclusive community of open-minded individuals with different backgrounds and we are committed to fostering, cultivating and preserving a culture of diversity, equity and inclusion. We strongly believe that a diversity of experience and background is essential to create a fulfilling environment and better solutions for our people and our customers. All Amach employees and contractors are expected to honour this policy and act to ensure that every individual is respected in the workplace.
Your personal data
Amach will process your personal information in accordance with the EU's General Data Protection Regulation (GDPR). We will comply with data protection law and principles, which means that your data will be:
- Used lawfully, fairly and in a transparent way
- Collected only for valid purposes and not used in any way that is incompatible with those purposes
- Relevant to the purposes we have told you about and limited only to those purposes
- Accurate and kept up to date
- Kept only as long as necessary for the purposes we have told you about
- Kept securely
If you would like to contact us about your data, please use the following address: [email protected]
Skills Required
- 5+ years' experience in cyber security, risk management, governance, compliance, or technology assurance
- Hands-on experience performing cyber risk assessments, control testing, or compliance assurance activities
- Strong understanding of risk management principles and security governance practices
- Experience with third-party risk management and supplier assurance
- Familiarity with frameworks and standards such as NIST, ISO 27001, CIS, GDPR
- Experience supporting audits, assurance reviews, or project/change risk assessments
- Strong written communication and stakeholder management skills
- Ability to manage multiple priorities and work independently in a fast-paced environment
What We Do
We help mature organisations evolve into modern digital businesses with faster time to market, increased operational stability and security. We offer a suite of technical services delivered by an experienced team of subject matter experts. Our services can be provided as a fully managed service or as an embedded part of your team. We focus on both short-term and long-term goals that emphasise business outcomes for our customers. Why choose Amach: 1. Business Agility - We focus on removing your IT debt, so that your company can focus on delivering business value to your customers at pace in a secure and reliable manner. 2. Cost Reduction - We help reduce your IT costs across all domains. This includes operational costs in both cloud and your data centres, licencing, evergreening, and reducing project delivery timelines. 3. Operational Stability - We will modernise your IT systems ensuring operational stability and resilience, to ensure the end user experience for both customers and staff are enhanced. 4. Enable Innovation - By removing IT debt, we create space for your team to focus on innovation, ensuring business longevity and futureproofing. We bring both sector experience and lessons learned. 5. Security - We address the overall architecture to ensure security by convention vs configuration. We promote DevSecOps practices, so security isn’t seen to prevent teams from delivery in an efficient manner. 6. Improve Employee Experience - We create and implement your EUX strategy that adapts to a changing world, while improving security and user efficiency - resulting in improved colleague satisfaction and retention. 7. Sustainability - Achieve your sustainability goals through optimising your overall IT footprint and reducing costs. We thrive on delivering customer value in every interaction. If you are interested in hearing more or to see how we could help you, please get in touch [email protected]
