Cyber Security Analyst – GRC (ISO 27001, NIST, DORA)

About the role

We are looking for a GRC Analyst to join a security team in Dublin. The role focuses on aligning the organisation’s security posture with ISO 27001, NIST CSF and the new Digital Operational Resilience Act (DORA). You will work in a fast‑paced environment, supporting both technical teams and senior leadership.

Key responsibilities

• Lead implementation and ongoing maintenance of ISO 27001, NIST CSF and DORA frameworks.
• Perform detailed risk assessments and gap analyses to identify compliance weaknesses.
• Coordinate internal and external audits, preparing evidence and responding to auditor queries.
• Develop, update and manage security policies, standards and procedures.
• Produce clear compliance and risk posture reports for technical and executive audiences.
• Track remediation actions and work with cross‑functional teams to close control gaps.

Required profile

• 3‑5 years of experience in GRC, information security or IT audit.
• Strong knowledge of ISO 27001 implementation and NIST frameworks.
• In‑depth understanding of DORA and its application in financial/IT services.
• Relevant certifications such as ISO 27001 Lead Implementer, CRISC, CISA or CISSP (preferred).
• Excellent communication and stakeholder‑management skills.

Required skills

• ISO 27001
• NIST CSF (and related SP 800 series)
• DORA compliance
• Risk assessment and gap analysis
• Audit coordination and evidence preparation
• Security policy development
• Compliance reporting