Governance, Risk, and Compliance (GRC) Analyst

Governance, Risk, and Compliance (GRC) Analyst

25 Mar 2026

Company: Jun Cyber Job Type: Contract Location: Fully remote – Open to applicants based in the Philippines only Department: Cybersecurity / Compliance

About Jun Cyber

Jun Cyber is a cybersecurity and compliance-focused organization dedicated to helping businesses navigate complex regulatory environments, strengthen their security posture, and achieve certifications such as CMMC, SOC 2, and ISO 27001. Our mission is to deliver practical, scalable, and effective cybersecurity solutions that empower organizations to operate securely and confidently.

Position Overview

Jun Cyber is seeking a detail-oriented and motivated GRC Analyst to support our growing compliance and risk management initiatives. The ideal candidate will assist in implementing, maintaining, and improving governance, risk, and compliance programs across multiple frameworks, with a strong focus on CMMC, NIST, SOC 2, and ISO 27001.

This role requires strong analytical skills, excellent documentation capabilities, and the ability to collaborate with cross-functional teams to ensure compliance requirements are met.

Key Responsibilities

• Support the development, implementation, and maintenance of GRC programs and policies

• Assist in preparing for and managing compliance audits (CMMC, SOC 2, ISO 27001, NIST 800-171)

• Conduct risk assessments and document findings, including risk mitigation strategies

• Develop, review, and maintain security policies, procedures, and documentation

• Track compliance status and remediation efforts across projects

• Work with internal teams and clients to gather evidence for audits and assessments

• Monitor regulatory changes and ensure organizational alignment with new requirements

• Assist in vendor risk assessments and third-party compliance reviews

• Maintain GRC tools, dashboards, and reporting metrics

Required Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)

• 1–3 years of experience in GRC, cybersecurity, or compliance-related roles

• Familiarity with frameworks such as CMMC, NIST 800-171, NIST CSF, SOC 2, and ISO 27001

• Strong understanding of risk management principles

• Excellent written and verbal communication skills

• Strong organizational and documentation skills

• Ability to manage multiple tasks and meet deadlines in a remote environment

Preferred Qualifications

• Experience supporting CMMC assessments or readiness programs

• Knowledge of tools such as (put the tools needed)

• Relevant certifications (or working toward), such as:

  • CompTIA Security+

  • (add more certifications if needed)

• Experience working with Managed Service Providers (MSPs) or consulting environments

Key Competencies

• Attention to detail and accuracy

• Analytical and critical thinking

• Proactive and self-motivated

• Strong collaboration and communication skills

• Adaptability in a fast-paced environment

What We Offer

• Competitive compensation (based on experience)

• Opportunity to work on high-impact cybersecurity compliance projects

• Professional development and certification support

• Career growth within a rapidly expanding cybersecurity firm

How to Apply

Interested candidates should submit their resume along with a brief cover letter outlining their experience with GRC frameworks and compliance initiatives.

Entry Level

Contract

St. Petersburg Florida United States