Governance Risk and Compliance (GRC) Analyst

About Delinea:
Delinea is a pioneer in securing human and machine identities through intelligent, centralized authorization, empowering organizations to seamlessly govern their interactions across the modern enterprise. Leveraging AI-powered intelligence, Delinea’s leading cloud-native Identity Security Platform applies context throughout the entire identity lifecycle – across cloud and traditional infrastructure, data, SaaS applications, and AI. It is the only platform that enables you to discover all identities – including workforce, IT administrator, developers, and machines – assign appropriate access levels, detect irregularities, and respond to threats in real-time. With deployment in weeks, not months, 90% fewer resources to manage than the nearest competitor, and a 99.995% uptime, Delinea delivers robust security and operational efficiency without compromise. Learn more about Delinea on Delinea.com, LinkedIn, X, and YouTube.

Join our passionate, global team at Delinea and help us make the world a safer and more secure place. Our success is driven by world-class product leadership, outstanding engineers, and strategic investment from TPG. We value diversity, innovation, and a culture of respect and fairness. If you're ready to push boundaries and challenge the status quo in security, we want to hear from you.
 

Apply today to help us achieve our mission.

We’re thrilled to announce the opening of our new office in Mexico City as part of our continued global expansion. This new location not only supports our growing customer base but also opens up new opportunities for innovation and collaboration. Join us and help shape the culture, impact, and success of our Mexico team from day one!

Summary:

Delinea’s Cybersecurity organization is seeking a skilled GRC Analyst to play a key role in ensuring Delinea’s alignment and adherence with policies, practice and maintaining the company’s cybersecurity risk management framework and compliance program.

This role requires the ability to work cross-functionally with IT, product engineering and business to enable and deliver on company commitments and objectives.

This is a hybrid role that is based in Mexico City, Mexico and reports to the Director of Governance, Risk, and Compliance.

What you’ll do:

• Enforce cybersecurity Process Risk and Control frameworks that are rationalized against applicable laws and standards.

• Perform cybersecurity risk assessments and maturity assessments.

• Conduct control readiness assessments to evaluate design, implementation, and effectiveness.

• Perform vendor security risk reviews and capture effectiveness of vendor controls.

• Maintain Delinea’s centralized risk register and controls catalog via Delinea’s GRC solution.

• Maintain Delinea's cybersecurity policies, standards, and procedures.

• Coordinate as needed with external/internal teams to provide necessary documentation and support.

• Execute strategy for improving efficiency and ensure organizational procedure alignment to maintain compliance with industry standards.

• Prepare reports on risk assessments (i.e., cybersecurity, vendors) and compliance status.

• Function as a trusted advisor for business partners on the design and effective operation of controls.

• Continuously evaluate and improve cybersecurity risk management processes.

What you'll need:

• Bachelor’s degree in Computer Science, Information Technology, Business Administration, or a related field.

• 3+ years of relevant work experience.

• Solid understanding and ability to implement dependable, repeatable, and auditable data protection, privacy, and security controls in accordance with leading compliance standards (e.g., ISO27xxx, SOC 1, SOC2, PCI-DSS, FedRAMP, Common Criteria).

• Practical experience in performing security/privacy risk assessments including vendor security reviews.

• Strong time management, organizational skills, and diligence.

• Strong verbal and written communication, analytical and people skills.

• Fluent in English (spoken and written)

We'd Love to See:

• Cybersecurity certifications (e.g. CISSP, CISA, CRISC, CIPP, etc.).

• Familiarity with OneTrust or other GRC tools.

• Familiarity with Jira, SharePoint and Confluence

Why work at Delinea?

• We're passionate problem-solvers helping the world's largest organizations protect what matters most: their human and machine identities.

• We invest in people who are smart, self-motivated, and collaborative.

• What we offer in return is meaningful work, a culture of innovation and great career progression.

At Delinea, our core values are STRONG and guide our behaviors and success:

• Spirited - We bring energy and passion to everything we do

• Trust - We act with integrity and deliver on our commitments

• Respect - We listen, value different perspectives, and work as one team

• Ownership - We take initiative and follow through

• Nimble - We adapt quickly in a fast-changing environment

• Global - We embrace diverse people and ideas to drive better outcomes

We believe weaving these core values into our day-to-day actions, and our process for hiring, evaluating, and promoting employees, helps us cultivate a work environment that embraces collaboration and camaraderie.

We take care of our employees. We offer competitive salaries, a meaningful bonus program, and excellent benefits, including healthcare insurance, as well as pension/retirement matching, comprehensive life insurance, an employee assistance program, time off plans, and paid company holidays.

Delinea is an Equal Opportunity and Affirmative Action employer and prohibits discrimination and harassment of any type with regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

Upon conditional offer of employment, candidates are required to complete comprehensive criminal background check, verification of education, and verification of employment, per employment policy. In addition, all publicly posted social media sites may be reviewed.