GRC Analyst

About the role

The GRC Analyst will support Seaboard Overseas and Trading Group’s information security, compliance, and data protection initiatives. Working across legal, HR, cybersecurity, and vendor teams, you will help ensure the organization meets internal policies and external regulatory standards.

Key responsibilities

• Execute the enterprise‑wide security compliance program and conduct periodic gap assessments.
• Perform audits against frameworks such as NIST 800‑53, CIS Benchmarks, and ISO standards, documenting findings and tracking remediation.
• Support internal and external audit activities by gathering evidence and coordinating stakeholder interviews.
• Collaborate with Legal, HR, and third‑party auditors to verify regulatory and contractual obligations.
• Assist in updating security, privacy, and data‑protection policies, standards, and procedures.
• Conduct third‑party risk assessments and vendor due‑diligence to align with security requirements.
• Help launch and improve data‑classification pilots and guide Data Stewards on handling standards.
• Configure and maintain DLP and classification tools, tuning rules and validating results.
• Work with cybersecurity teams to optimize DLP, CASB, and encryption controls.
• Participate in investigations of potential data incidents, providing root‑cause analysis and corrective actions.

Required profile

• Experience with security compliance frameworks (e.g., NIST 800‑53, CIS Benchmarks, ISO).
• Background in conducting audits, gap assessments, and remediation tracking.
• Familiarity with third‑party risk assessment and vendor due‑diligence processes.
• Ability to collaborate with cross‑functional teams including Legal, HR, and cybersecurity.

Required skills

• NIST 800‑53
• CIS Benchmarks
• ISO standards (e.g., ISO 27001)
• Data Loss Prevention (DLP) tools
• Cloud Access Security Broker (CASB) solutions
• Encryption technologies
• Data classification platforms
• Audit documentation and reporting