Cybersecurity Governance, Risk, and Compliance Analyst

Cybersecurity GRC Analyst

About Us

We are a global climate technologies company engineered for sustainability. We create sustainable and efficient residential, commercial and industrial spaces through HVACR technologies. We protect temperature-sensitive goods throughout the cold chain. And we bring comfort to people globally. Best-in-class engineering, design and manufacturing combined with category-leading brands in compression, controls, software and monitoring solutions result in next-generation climate technology that is built for the needs of the world ahead.  

Whether you are a professional looking for a career change, an undergraduate student exploring your first opportunity, or recent graduate with an advanced degree, we have opportunities that will allow you to innovate, be challenged and make an impact. Join our team and start your journey today! 

Principal Functional Responsibilities

• Develop, implement, and maintain cybersecurity policies, standards, and procedures in alignment with industry frameworks and regulatory requirements.

• Conduct risk assessments, security control evaluations, and gap analyses to identify and mitigate risks.

• Support internal and external audits, ensuring compliance with frameworks such as NIST CSF, ISO 27001, CIS Controls, SOC 2, and regulatory obligations.

• Assist in the management of third-party risk assessments and vendor security evaluations.

• Track, monitor, and report on cybersecurity risks, controls, and compliance metrics.

• Work with cross-functional teams to ensure security controls are embedded in business processes and IT operations.

• Develop and maintain risk registers, compliance documentation, and audit evidence repositories.

• Provide cybersecurity awareness training and guidance to employees on security best practices and compliance requirements.

• DLP Strategy & Oversight: Manage and help fine tune DLP Policies (preferable Zscaler) for Endpoint, Network and cloud) to protect sensitive data (PII, PCI, IP)

• Stay current with evolving cybersecurity threats, regulatory changes, and best practices to enhance the organization's security and compliance posture.

Basic Requirements

• Bachelor’s degree in computer science, Information Systems, or related degree plus three (3+) years of experience or equivalent combination of education and experience.

• Strong knowledge of security and risk management frameworks like NIST CSF, CIS Critical Security Controls, ISO 27001, NIST 800-53, FAIR, and CIS

• Must possess excellent oral and written communication skills and the ability to communicate in technical and business terms. Additionally, must be comfortable developing presentations and delivering them to senior management.

• 3+ years of experience in cybersecurity, governance, risk, and compliance.

• Experience conducting risk assessments, control evaluations, and compliance audits.

• Strong knowledge of cybersecurity best practices, policies, and procedures.

• Excellent analytical, problem-solving, and communication skills.

• Ability to work independently and collaboratively in a dynamic environment.

• Professional certifications in IT and Cybersecurity a plus (e.g., Security+, GCRP, CGRC etc.).

 

Preferred Requirements

• Bachelor’s degree in computer science, Information Systems, or related degree plus eight (3-4) years of experience or equivalent combination of education and experience

• 3-4 years of experience in Cybersecurity roles (i.e., incident response, security operations, application security, etc.)

• Ability to simultaneously handle multiple projects and adjust to changing priorities while multitasking effectively.

• Self-starter, strong initiative, critical thinker, self-directed with a proven track record to collaborate and inspire change.

• Experience designing and implementing cybersecurity reporting and metrics (i.e., KPI/KRI development)

• Fluent in English; additional languages are a plus.

Competencies

• Tech Savvy: Anticipating and adopting innovations in business-building digital and technology applications.

• Optimizes Work Processes: Knowing the most effective and efficient processes to get things done, focusing on continuous improvement.

• Plans & Aligns: Planning and prioritizing work to meet commitments aligned with the interpersonal goals.

• Business Insight: Applying knowledge of business and the marketplace to advance the organization’s goals.

• Communicates Effectively: Developing and delivering multi-mode communications that clearly understand the different audiences' unique needs.

 

 

Our Commitment to Our People 

Across the globe, we are united by a singular Purpose: Sustainability is no small ambition. That’s why everything we do is geared toward a sustainable future—for our generation and all those to come. Through groundbreaking innovations, HVACR technology and cold chain solutions, we are reducing carbon emissions and improving energy efficiency in spaces of all sizes, from residential to commercial to industrial.

Our employees are our greatest strength. We believe that our culture of passion, openness, and collaboration empowers us to work toward the same goal - to make the world a better place. We invest in the end-to-end development of our people, beginning at onboarding and through senior leadership, so they can thrive personally and professionally. 

Flexible and competitive benefits plans offer the right options to meet your individual/family needs. We provide employees with flexible time off plans, including paid parental leave (maternal and paternal), vacation and holiday leave.  

Together, we have the opportunity – and the power – to continue to revolutionize the technology behind air conditioning, heating and refrigeration, and cultivate a better future. Learn more about us and how you can join our team!

Our Commitment to Inclusion & Belonging

At Copeland, we cultivate a strong sense of inclusion and belonging where individuals of all backgrounds, and with diverse perspectives, are embraced and treated fairly to enable a stronger workforce.  Our employee resource groups play an important role in culture and community building at Copeland.

 

Equal Opportunity Employer 

Copeland is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment.

Experience Level

Mid Level