GRC Analyst - 5255
What is it like to work in UC colors?
One thing’s certain all 350+ of our colleagues would say the same: it’s a truly unique and unrepeatable experience. At UC, professional growth and personal development go hand in hand. From tailored professional trainings to team-building events, we make sure work is both inspiring and fun.
You can enjoy the vibe at IT Fest, enjoy the scenic Balaton Circle on two wheels or on foot, unwind in our cozy kUCkó, unleash your creativity during themed craft afternoons, or make a difference through our charity events.
About the client/project
Tasks
- Maintain, review, and develop information security policies, procedures, and ISMS documentation.
- Drive information security standards and contribute to client and internal security strategy.
- Act as a subject-matter expert for compliance and regulatory frameworks (ISO, NIST, NIS2, PCI-DSS, GDPR, DORA).
- Review vendor security questionnaires (e.g. SIG) and assess vendor risk.
- Support and deliver CISO as a Service (CISOaaS) activities in close collaboration with the GRC Lead and CISO.
- Establish and maintain risk management frameworks, processes, and decision models.
- Perform information security risk assessments and monitor compliance with policies and standards.
- Participate in Disaster Recovery (DR) and Business Continuity Planning (BCP), including testing and documentation.
- Conduct compliance audits, identify gaps, coordinate corrective actions, and prepare audit documentation and reports.
- Track regulatory changes and ensure timely policy and control updates.
- Support incident response documentation and post-incident improvements.
- Work closely with client stakeholders (IT, Legal, Compliance, HR, CISOs) to align security with business needs.
- Plan and deliver security awareness programs, trainings, and executive briefings.
- Proactively identify and implement risk-based security improvements; provide reactive support during incidents and compliance gaps.
Necessary knowledge/technologies used
- 2–3 years of experience in GRC, information security governance, audit, or compliance roles.
- Background in Information Security, Risk Management, or a related field.
- Hands-on experience with at least one GRC platform (e.g., Archer, ServiceNow GRC).
- Strong knowledge of GDPR and other relevant regulatory requirements.
- Familiarity with security audits, control design, and control testing.
- Experience with documentation and reporting tools.
- Basic knowledge of compliance standards and frameworks such as ISO 27001, NIST, NIS2, PCI-DSS, and DORA.
- Excellent documentation, reporting, and interpersonal communication skills.
- Clear and effective communicator, capable of explaining complex security topics to both technical and non-technical audiences.
- High motivation and a continuous learning mindset, with a strong interest in cybersecurity trends and compliance developments.
It gives you an advantage
- Professional certifications such as ISO 27001 Lead Implementer, CISA, CRISC, CISSP, or similar.
- Experience working in consulting or multi-client environments.
- Prior involvement in regulatory-driven transformation or security maturity programs.
Why you should join us
- Because we can count on each other, we form a professional and human community.
- Opportunity to participate in professional trainings, conferences.
- With your success and professional knowledge, you can build your career continuously.
- Stable company, market leading customers.
- You can participate in exciting team builders and events.
.avif)
Don't we have a position open for you now?
Join our Talent Pool and be the first to know about new opportunities!
Get in touch
Subscribe to our newsletter
Only valuable content, no spam. Join our IT community!
© 2026 United Consult Zrt.
Get in touch
Subscribe to our newsletter
Only valuable content, no spam. Join our IT community!
© 2026 United Consult Zrt.
Get in touch
Subscribe to our newsletter
Only valuable content, no spam. Join our IT community!
© 2026 United Consult Zrt.
Get in touch
Subscribe to our newsletter
Only valuable content, no spam. Join our IT community!
© 2026 United Consult Zrt.
get in touch
Subscribe to our newsletter!
We are an innovative community who are stick together and belive in development.
© 2026 United Consult Zrt.
Get in touch
Subscribe to our newsletter
Only valuable content, no spam. Join our IT community!
© 2026 United Consult Zrt.
get in touch
Subscribe to our newsletter
Only valuable content, no spam. Join our IT community!
© 2026 United Consult Zrt.
Get in touch
Subscribe to our newsletter
Only valuable content, no spam. Join our IT community!
© 2026 United Consult Zrt.
get in touch
Subscribe to our newsletter!
Only valuable content, no spam. Join our IT community!
© 2026 United Consult Zrt.