Job Description

Junior GRC Specialist

Connex Information Technologies (Pvt) Ltd, a leading technology services and solutions distributor, dedicated to helping organizations navigate complex and evolving landscapes.

We invite applications from suitably qualified individuals for the post of Junior GRC (Governance, Risk & Compliance) Specialist. The selected candidate will report to the Head of Security Operations.

The Senior GRC Specialist will be responsible for:

• Support GRC activities including risk assessments, compliance reviews, gap assessments, and policy reviews.
• Assist with ISO 27001, ISO 27701, PDPA, and other compliance initiatives by collecting evidence and maintaining documentation.
• Assist to develop, review, and maintain security policies, procedures, and compliance records.
• Participate in internal and external audit activities, including audit preparation and remediation tracking.
• Maintain risk registers, compliant trackers, and related GRC documentation.
• Collaborate with business and technical teams to support governance, risk, and compliance requirements.
• Monitor regulatory and industry developments and support continuous improvement initiatives.
• Prepare reports, presentations, and documentation related to GRC activities.

The ideal candidate should possess:

• 1-2 years of experience in Governance, Risk, and Compliance (GRC), Information Security, IT Audit, Risk Management, or related fields. Fresh graduates with relevant academic projects or internships are encouraged to apply.
• Understanding information security and GRC frameworks such as ISO 27001, ISO 27002, NIST, NIST SP, GDPR, or similar standards and regulations.
• Familiarity with risk assessment methodologies, security controls, compliance requirements, and audit processes.
• Ability to assist in conducting risk assessments, compliance reviews, internal audits, and control evaluations under the guidance of senior team members.
• Understanding data protection and privacy principles, including awareness of regulations such as GDPR and PDPA.
• Knowledge of common information security concepts, including access management, asset management, vulnerability management, incident management, and security policies.
• Strong analytical and problem-solving skills with attention to detail and the ability to document findings accurately.
• Good written and verbal communication skills, with the ability to interact professionally with internal stakeholders.
• Ability to work independently on assigned tasks while collaborating effectively within a team environment.

What We Offer:

• Competitive Compensation: Attractive salary and a comprehensive benefits package.
• Inclusive Culture: A dynamic and inclusive environment where your ideas and contributions are genuinely valued.
• Cutting-Edge Exposure: Exposure to cutting-edge technologies and high-impact projects.
• Career Advancement: Opportunities for growth and professional development in a rapidly evolving industry.

If you're up for the challenge, please send your resume to hr@connex.biz or click on the advert to apply. Please state the position you're interested in as the subject line of your email.

NOW HIRING - FULL-TIME

Junior GRC Specialist – Governance • Risk • Compliance

connex Empowering Technology

No. 286, R. A. De Mel Mawatha, Colombo 00300, Sri Lanka

https://www.connex.biz/

Similar Jobs