GRC Analyst

About the role

We are seeking a GRC Analyst to join our team at ITJ, a binational US‑Mexican company building Software Centers of Excellence for fast‑growing BioMedTech partners. The role focuses on governance, risk and compliance activities supporting our engineering teams and medical‑device clients.

Key responsibilities

• Assess and document IT risk, compliance findings and remediation actions.
• Interact with global stakeholders in English to communicate risk results.
• Support third‑party risk management, including vendor assessments and risk rating.
• Maintain and update compliance documentation using Optro (formerly AuditBoard).
• Stay informed on industry frameworks such as NIST and GDPR.

Required profile

• 2–3 years of experience in GRC, IT risk or cybersecurity compliance.
• Strong written and verbal English communication skills.
• Awareness of NIST, GDPR and related regulatory frameworks.
• Basic understanding of third‑party risk management concepts.

Required skills

• Proficiency with Optro (AuditBoard) platform.

What we offer

• Opportunity to work on real medical‑device software products.
• Collaborative environment with global stakeholders.
• Career growth within a rapidly expanding technology company.