Location: Monterrey, N.L. (Hybrid – 2 days onsite)
Employment type: Direct Hire – Full-time, with all benefits required by Mexican law
Salary range: Competitive and negotiable based on experience
Language: Bilingual (Advanced English – excellent verbal and written communication skills required)
We are seeking a Sr. GRC Analyst to play a key role in shaping the company’s cybersecurity governance strategy. This position will lead initiatives to strengthen security culture, ensure audit readiness, and enhance vendor governance. The idóneo candidate will operate with autonomy, influence cross-functional teams, and act as a subject matter expert in cybersecurity frameworks, risk management practices, and regulatory compliance.
Key Responsibilities
Compliance Leadership
- Serve as the primary compliance representative at the corporate office.
- Promote accountability and proactive risk management across business units.
Policy Governance
- Oversee the annual review and update of internal policies aligned with frameworks such as SCF, PCI DSS, and ISO 27001.
- Collaborate with stakeholders to ensure policies are current, enforceable, and audit-ready.
Audit & Vendor Governance
- Lead coordination of external audit responses and annual vendor risk assessments.
- Ensure timely and accurate documentation while closing compliance gaps across SaaS platforms and third-party vendors.
Security Awareness Strategy
- Design and implement enterprise-wide cybersecurity awareness campaigns.
- Create targeted messaging and leverage innovative tools to reinforce secure behaviors and align with the company’s risk posture.
Cross-Functional Collaboration
- Partner with Legal, Procurement, IT, and business units to embed compliance into operational workflows.
Reporting & Metrics
- Maintain executive dashboards with metrics on training completion, audit status, and vendor compliance.
- Provide insights and recommendations to leadership for continuous improvement.
Requirements
- Bachelor’s degree in Business, Information Systems, Cybersecurity, or related field.
- 5+ years of experience in IT governance, risk & compliance, or audit.
- Strong knowledge of regulatory frameworks (PCI DSS, NIST CSF, ISO 27001) and GRC tools (e.g., OneTrust).
- Excellent leadership, communication, and stakeholder management skills.
- Proven ability to manage complex projects, influence without direct authority, and drive cross-functional outcomes.
- English level: B2 (upper-intermediate).
Benefits
- Career development plan and continuous learning.
- Excellent work environment and flexibility.
- Direct client benefits.
- Direct hiring.
- Career development plan.
If you’re looking for a place where professional growth goes hand in hand with quality of life, this opportunity is for you!
📌 Governance, Risk & Compliance Analyst...
🏢 Micro Talent
📍 Sabinas Hidalgo