GRC Analyst

Fulcrum Digital is an agile and next-generation digital accelerating company providing digital transformation and technology services right from ideation to implementation. These services have applicability across a variety of industries, including banking & financial services, insurance, retail, higher education, food, healthcare, and manufacturing.

We are seeking a detail-oriented and analytical GRC Analyst to support the organizations governance, risk management, and compliance initiatives. The ideal candidate will help identify risks, ensure regulatory compliance, support audit processes, and strengthen internal controls to protect the organizations assets and reputation.

• Support development and maintenance of security policies, standards, and procedures

• Ensure alignment with industry frameworks (e.g., ISO 27001, NIST, SOC 2)

• Assist in policy awareness and training initiatives

• Conduct risk assessments and maintain risk registers

• Identify, analyze, and document security and operational risks

• Track remediation plans and risk mitigation efforts

• Support third-party/vendor risk assessments

• Monitor compliance with regulatory and industry requirements (e.g., GDPR, HIPAA, PCI-DSS as applicable)



• Assist with internal and external audits

• Collect and maintain evidence for compliance reporting

• Coordinate remediation of audit findings

• Prepare risk and compliance reports for management

• Maintain documentation of controls and audit artifacts

• Track KPIs and KRIs

• Bachelors degree in Information Security, Cybersecurity, IT, Risk Management, or related field

• 2–5 years of experience in GRC, risk management, compliance, or IT audit

• Knowledge of security frameworks (ISO 27001, NIST, SOC 2, etc.)

• Understanding of regulatory requirements (GDPR, HIPAA, PCI-DSS, etc.)

• Strong analytical and documentation skills

• Certifications such as CISA, CRISC, CISM, ISO 27001 Lead Implementer/Auditor

  Looking to get Placed? Try our Placement Guarantee Plan

  Get Hired

• Experience with GRC tools (e.g., Archer, ServiceNow GRC)

• Experience working with cloud environments (Azure, AWS, GCP)

• Knowledge of cybersecurity controls and risk methodologies

• Risk assessment and analysis

• Policy and control documentation

• Audit coordination

• Strong communication and stakeholder management

• Attention to detail

• Ability to work independently and manage multiple priorities

• Full-time position

• Hybrid/Remote (as applicable)

• Cross-functional collaboration with IT, Security, Legal, and Business teams