Governance, Risk

Location: Monterrey, N.L. (Hybrid – 3 days onsite)Employment type: Direct Hire – Full-time, with all benefits required by Mexican lawSalary range: Competitive and negotiable based on experienceLanguage: Bilingual (Advanced English – excellent verbal and written communication skills required)We are looking for a GRC Analyst to help strengthen the company's cybersecurity governance program.This role will focus on building a strong security culture, supporting audit readiness, and enhancing vendor risk management.The ideal candidate will combine knowledge of cybersecurity frameworks with strong interpersonal skills to partner effectively across the organization.Key ResponsibilitiesPolicy Governance- Support the review and maintenance of internal security policies aligned with frameworks such as SCF, PCI DSS, and ISO *****.- Work with business stakeholders to ensure policies are practical, updated, and audit-ready.Vendor Risk Management & Audits- Coordinate annual vendor risk assessments and track remediation of compliance gaps.- Assist in preparing documentation for external audits, ensuring timely and accurate responses.Security Awareness & Culture- Design and deliver engaging security awareness initiatives to promote secure behaviors.- Partner with teams to integrate security practices into daily operations.Cross-Functional Collaboration- Collaborate with Legal, Procurement, IT, and business units to embed compliance into business workflows.- Act as a trusted advisor on governance and compliance matters across the organization.Reporting & Metrics- Maintain reports and dashboards on training completion, audit progress, and vendor compliance status.- Provide insights to leadership to drive continuous improvement.Requirements- Bachelor's degree in Business, Information Systems, Cybersecurity, or related field.- 4+ years of experience in IT governance, risk & compliance, or audit.- Strong knowledge of regulatory frameworks (PCI DSS, NIST CSF, ISO *****).- GRC tools (e.G., OneTrust).- Excellent leadership, communication, and stakeholder management skills.- Proven ability to manage complex projects, influence without direct authority, and drive cross-functional outcomes.- English level: B2 (upper-intermediate).Benefits- Career development plan and continuous learning.- Excellent work environment and flexibility.- Direct client benefits.- Direct hiring.- Career development plan.If you're looking for a place where professional growth goes hand in hand with quality of life, this opportunity is for you