Job Summary
Job Description
The GRC Analyst will be responsible for supporting the day-to-day execution of compliance programs, audit preparation, risk assessments, and overall security governance efforts. This includes maintaining compliance with frameworks like ISO 27001, SOC 2, HIPAA, PCI DSS, GDPR, TISAX, NIST, and IRAP. The analyst will assist in maintaining security policies and procedures, conduct compliance reviews, and monitor changes in regulatory requirements. They will also collaborate with internal stakeholders for audit-related activities, support periodic risk assessments, and maintain the risk register. The role involves working closely with teams across Engineering, Product, Legal, Procurement, and Enterprise Technology to support compliance initiatives and ensure timely completion of action items. Additionally, the analyst will assist in preparing reports and documentation for GRC activities.
Must have:
- Bachelor’s degree in IT, Cybersecurity, or related field.
- Familiarity with industry standards like ISO 27001, SOC 2, etc.
- 3-5 years experience in GRC, risk management, or compliance roles.
- Strong attention to detail and organizational skills.
Good to have:
- Experience working across global teams and time zones.
- Certifications such as CISA, CRISC, or ISO 27001.
- Comfortable using Microsoft 365 tools and collaboration platforms.
6 skills required
Job Details
Job Title: GRC Analyst (U.S. Time Zone Support)
Location: Based in KL
Time Zone: U.S. Central or Eastern Time Zone (Full Coverage Required)
Location: Based in KL
Time Zone: U.S. Central or Eastern Time Zone (Full Coverage Required)
About Us:
At Sitecore, our mission is to simplify how brands reach, engage, and serve people by delivering intelligent, personalised digital experiences that connect the world. We empower the world’s most iconic brands to build lifelong relationships with their customers—seamlessly, smartly, and at scale.
As the leading provider of agentic digital experience software, Sitecore brings together content, commerce, and data into one composable platform that enables brands to deliver millions of meaningful, adaptive experiences every day. Trusted by global leaders such as American Express, Porsche, Starbucks, and L’Oréal, Sitecore helps brands transform engagement through experiences that are not only personalised but predictive and dynamic.
Our foundation is our people—a diverse, passionate, and collaborative global team spanning over 25 countries. We believe that every experience matters, and that belief starts with how we work together. Our values—empathy, accountability, clarity, and growth—guide how we lead, innovate, and connect. They are the behavior's that bring our mission and vision to life, every day, in every interaction.
Learn more at Sitecore.com
About the Role/ The Opportunity:
We are looking for a detail-oriented and proactive GRC (Governance, Risk, and Compliance) Analyst to join our team. This role will be based in Kuala Lumpur and will support operations aligned with U.S. Central or Eastern time zones. The GRC Analyst will work closely with and support GRC Manager and the CISO, contributing to the day-to-day execution of compliance programs, audit preparation, risk assessments, and overall security governance efforts. This is a hands-on role, ideal for someone who thrives in a collaborative, fast-paced environment and is passionate about security, compliance, and risk management.
What You’ll Do:
Governance & Compliance
- Support the implementation and maintenance of compliance programs aligned with frameworks such as ISO 27001, SOC 2, HIPAA, PCI DSS, GDPR, TISAX, NIST, and IRAP.
- Assist in maintaining and updating security policies, procedures, and controls to ensure alignment with regulatory requirements.
- Conduct compliance reviews to identify gaps and assist in defining remediation actions.
- Monitor changes in regulatory requirements and provide input into compliance strategy and updates.
Audit Support
- Collaborate with internal stakeholders to coordinate audit-related activities, including evidence collection, documentation preparation, and status reporting.
- Maintain audit calendars, track deliverables, and ensure readiness for internal and external audits.
Risk Management
- Support periodic risk assessments, helping to identify, document, and track technology and process risks.
- Maintain the risk and findings register, ensuring items are regularly updated and monitored for progress.
Cross-Functional Collaboration
- Work closely with teams across Engineering, Product, Legal, Procurement, and Enterprise Technology to support compliance initiatives and ensure timely completion of action items.
- Provide ongoing support and clarity to teams on compliance tasks and expectations.
Reporting & Documentation
- Assist in preparing and delivering status reports, dashboards, and metrics on GRC activities for leadership and stakeholders.
- Ensure that compliance documentation is consistently updated and centrally stored (e.g., SharePoint, Confluence).
What You Need to Succeed
- Bachelor’s degree in information technology, Cybersecurity, or a related field.
- Familiarity with industry standards and frameworks such as ISO 27001, SOC 2, HIPAA, GDPR, PCI DSS, NIST, and others.
- 3-5 years of experience in a GRC, risk management, audit support, or compliance role in a technology-driven environment.
- Strong attention to detail, organizational skills, and ability to manage multiple tasks.
What You Need to Succeed
- Experience working across global teams and time zones is a plus.
- Certifications such as CISA, CRISC, or ISO 27001 Lead Implementer/Auditor are a plus.
- Comfortable using Microsoft 365 tools (e.g., Outlook, Teams, Excel, SharePoint) and collaboration platforms.
Sitecore is proud to be an equal opportunity workplace. We are committed to equal employment opportunity without unlawful regard to race, color, ancestry, religion, gender, national origin, sexual orientation, age, citizenship, marital status, disability, veteran status or any other local legally protected characteristic.
How we hire
At Sitecore, we put a lot of care and time into who we hire. We believe that in order to build the best products, we need to build high impact teams. Our recruitment process centers around what we call the Life Story interview, a conversational-style interview where we get to learn more about you.
Similar Jobs
Palo Alto Networks
Santa Clara, California, United States (Hybrid)
• 1 Month ago
bytedance
Singapore (On-Site)
• 7 Months ago
bytedance
Singapore (On-Site)
• 6 Months ago
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
San Francisco, California, United States (On-Site)
• 2 Weeks ago
Scientific Games
Pennsylvania, United States (Remote)
• 2 Months ago
São Paulo, State Of São Paulo, Brazil (On-Site)
• 1 Month ago
Postman
San Francisco, California, United States (Hybrid)
• 1 Month ago
The Walt Disney Company
Bristol, Connecticut, United States (On-Site)
• 1 Month ago
Get notifed when new similar jobs are uploaded
Jobs in Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia
OKX
Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
• 1 Week ago
Powerintegration
Penang, Malaysia (On-Site)
• 3 Months ago
Electronic Arts
Kuala Lumpur, Wilayah Persekutuan Kuala Lumpur, Malaysia (On-Site)
• 2 Months ago
OKX
Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
• 2 Weeks ago
Razer
Shah Alam, Selangor, Malaysia (On-Site)
• 6 Days ago
Marsh McLennan
Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (Hybrid)
• 3 Weeks ago
OKX
Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
• 2 Weeks ago
PwC
Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
• 7 Months ago
Get notifed when new similar jobs are uploaded
Similar Category Jobs
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
