Today's threatscape is relentless. So are we. At Cyderes, we build practical Identity & Access Management (IAM), Exposure Management, and risk programs, helping organizations stop active threats fast with Managed Detection & Response (MDR) that integrates with existing tools. Powering it all is Meridian, our entity fabric that connects identities, assets, and access into one trusted reality. Augmented by AI and driven by seasoned operators, our tireless global team arms organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way.
About the Job:
Cyderes is looking for an GRC Analyst. The GRC Analyst will be responsible for daily activities in implementing the information security and compliance programme. You will help maintain audit and compliance projects to ensure policies, standards, procedures, and audit activities are according to business, IT, and regulatory requirements. You will also participate in and support multiple department activities. These activities may include quarterly user access reviews, the development of information security policies, procedures, and standards. They may also include training and awareness activities, and reviewing and responding to security requirements and inquiries regarding existing or proposed solutions. You will perform internal and external security compliance monitoring activities, manage client audits, IT control audits, and security risk assessments.
To be successful in this role, you must be comfortable with evaluating, documenting, and creating remediation plans to meet compliance requirements in a. The effectiveness of the implementation and operation of the information security and compliance directives will measure success.
You will be reporting to senior manager GRC
Responsibilities:
- Coordinate IT security governance, risk and compliance activities across the enterprise
- Oversee information security compliance activities, including daily, weekly, quarterly and annual security risk assessments – both performing internal assessments and responding to external assessments
- Respond to request for information on Cyderes' security compliance from customers and partners, review and negotiate relevant agreements
- Support efforts for compliance with SOC2, ISO 27001, NIST 800-53, and other security standards and regulatory frameworks
- Conduct audit readiness assessments and coordinate with internal and external functions and audit resources
- Support the implementation and administration of the Governance, Risk, and Compliance system (GRC)
- Collaborate with other departments to direct security compliance issues to appropriate channels for investigation and resolutions
- Revise and maintain security and controls procedures following applicable regulations
- Ensure Continuous Compliance through Continuous testing of security and privacy control
- Provide recommendations for technology, licencing, and process updates to improve Cyderes overall security posture
- Develop and provide reports to keep management informed of the operation and progress of compliance efforts
Requirements
- Minimum 3 years in a GRC role with at least 1 full year of hands-on administration of a GRC automation tool (Vanta, Drata, or Sprinto). We prefer Vanta.
- Experience in design and implementation of information security policies and controls
- Experience participating in external security audits; SOC2 Type II
- Experience conducting needs assessments and identifying/implementing appropriate solutions
- Knowledge of security technologies and architecture, including encryption, cloud network security design, security group configuration, intrusion detection, data loss prevention and application security
- CISSP, CISM, CISA certifications
- Analyst A (The Internal Builder): Focuses on Vanta, SOC2/ISO mapping, and internal engineering/DevOps agreement.)
- Evidence Collection: Experience translating abstract SOC2 criteria into technical screenshots, logs, or API outputs.
- Experience translating abstract SOC2 Common Criteria or ISO 27001 clauses into applicable technical controls.
WHY CYDERES?
Benefits that go beyond the basics, we support our people so they can do their best work.
✔ Medical Insurance - Employee + dependents covered
✔ Life Insurance - Protection for what matters most
✔ Retirement Match Program - We invest in your future
✔ Hybrid Work Model - 2–3 days in office
✔ Maternity & Paternity Leave - Time for the moments that matter
✔ Paid Time Off - PTO + sick & casual leave
✔ Bereavement & Volunteer Time - Give back to your community
✔ Professional Development - Reimbursement program
✔ LinkedIn L&D Platform - Thousands of courses at your fingertips
✔ Mobile Phone Reimbursement - Stay connected, on us
Similar Jobs
What We Do
Cyderes is a global cybersecurity partner built for today’s relentless threatscape. We specialize in identity-centric security, managed detection and response, and cloud defense—powered by AI and driven by expert operators. Our mission: arm organizations with the people, platforms, and perspective to "be everyday ready.”









