GRC Analyst

We are seeking a proactive and detail-oriented Governance, Risk, and Compliance (GRC) Analyst to join our team. This remote role, based in Ireland, is essential for maintaining and maturing our information security risk and technology compliance programs, including SOC 2 and ISO 27001.

The ideal candidate will have a strong understanding of GRC principles, excellent documentation skills, and experience with compliance automation tools like Vanta.

Your Impact:

SOC 2 & ISO 27001

- Manage documentation and organize audit evidence in line with SOC 2 and ISO 27001 control requirements.

- Track remediation and action items through to completion.

- Support internal and external audit processes, ensuring timely delivery of evidence.

- Assist in the preparation and maintenance of ISO 27001 ISMS documentation (e.g., risk registers, Statement of Applicability, audit logs).

Vanta Administration

- Act as administrator for Vanta, ensuring accurate mappings between controls, policies, and evidence.

- Maintain the completeness and accuracy of control testing evidence within Vanta.

- Support automation of evidence collection and integration with key systems.

Third-Party Risk Management

- Conduct vendor due diligence and third-party risk assessments.

- Track remediation items and risk mitigation actions.

- Maintain an updated vendor inventory and risk scoring documentation.

Policy, Procedure & SOP Library

- Maintain and version-control all policies, standards, and SOPs in Confluence or other repositories.

- Ensure documents are aligned with current compliance frameworks and reviewed per schedule.

- Support drafting, editing, and publishing new or updated documentation as required.

Role Requirements

- 2–4 years of experience in Governance, Risk & Compliance, Information Security, or Audit.

- Working knowledge of SOC 2 Type II and ISO 27001 frameworks.

- Strong organizational skills and attention to detail in evidence management and documentation.

- Experience preparing audit deliverables and maintaining compliance documentation.

- Exposure to risk assessment and third-party vendor management processes.

- Excellent written and verbal communication skills.

Nice-to- Have Skills

- Experience with Vanta, Jira, and Confluence.

- Familiarity with cloud or SaaS environments (GCP, AWS, or similar).

- Relevant certifications such as ISO 27001 Internal Auditor, CISA, or CompTIA Security+ are a plus.

About Us:

We Power the Blockchain economy.

Blockdaemon powers the blockchain economy with its suite of industry-leading infrastructure solutions. We are a globally established, ISO-27001 certified partner with extensive protocol coverage, offering technical depth, industry-leading SLAs, 70+ global points of presence through 10+ cloud and bare metal providers, and 24/7 support for an unmatched institutional-grade experience. We provide integrated business solutions to exchanges, custodians, crypto platforms, financial institutions, and developers using our end-to-end suite of blockchain tools, including dedicated nodes, APIs, staking, liquid staking, MPC tech, and more. Blockdaemon provides its customers with the confidence to quickly and easily scale without compromising security or compliance.

We are a globally distributed team.

Blockdaemon is an Equal Opportunity Employer.

#J-18808-Ljbffr