Cybersecurity GRC, Governance, Risk & Compliance Analyst

Kora

Cybersecurity GRC Analyst at Kora managing risk, compliance, and security frameworks. Developing policies and supporting audits to ensure regulatory alignment in global payment infrastructure.

Posted 5/11/2026full-timeRemote • 🇳🇬 NigeriaJuniorMid-LevelWebsite

Tech Stack

Tools & technologies

Cyber Security

About the role

Key responsibilities & impact

- Develop, review, and maintain information security policies, standards, and procedures
- Ensure alignment with industry frameworks (e.g., ISO 27001, NIST CSF, CIS Controls)
- Support the implementation and monitoring of security governance programs
- Drive security awareness initiatives and promote a culture of compliance
- Conduct risk assessments (enterprise, vendor, application, infrastructure)
- Maintain and update the organization’s risk register
- Perform control gap assessments and recommend remediation actions
- Support third-party/vendor risk management processes
- Track and report on risk treatment plans and mitigation progress
- Support compliance with regulatory and industry requirements (e.g., PCI DSS, SOC 2, GDPR)
- Coordinate internal and external audits, including evidence collection and walkthroughs
- Monitor compliance posture and track remediation of audit findings
- Assist in the development of compliance reports and dashboards for management
- Collaborate with security and IT teams to ensure controls are effectively implemented
- Assist in incident response from a compliance and reporting perspective
- Support control testing and continuous monitoring activities
- Maintain accurate documentation of policies, risk assessments, and control activities
- Other duties as assigned by the CISO.

Requirements

What you’ll need

- 2–4 years of experience in cybersecurity, IT risk, compliance, or audit
- Minimum of a Bachelor’s degree certificate
- Strong understanding of information security frameworks and standards (ISO 27001, NIST, SOC 2, PCI DSS)
- Experience with risk assessment methodologies and control frameworks
- Familiarity with regulatory requirements relevant to the industry (e.g., financial services, data protection laws)
- Experience with GRC tools
- Good communication & interpersonal skills
- Positive attitude
- Ability to handle stress appropriately and interact well with others.
Key Skills:
- Strong analytical and risk assessment skills
- Attention to detail and strong documentation capabilities
- Excellent communication and stakeholder management skills
- Ability to translate technical risks into business impact
- Strong organizational and project management abilities
- High level of integrity and professionalism

Benefits

Comp & perks

- Health insurance
- Sponsored and tailored training
- Paid parental leave
- Paid time-off
- Flexible work style
- Low-interest loans
- Group Life Insurance
- Access to up to four therapy sessions monthly
- Day off on your birthday 🎂 🎁 🎉
- Employee interest groups that provide supportive communities within Kora
- Great company culture and the opportunity to work with a highly collaborative team building something great!
**Note: We recognise imposter syndrome is real - any candidate who does not perfectly fit every characteristic of this role is still strongly encouraged to apply.**

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

information security policiesrisk assessmentscontrol gap assessmentssecurity governance programscompliance reportsincident responsecontrol testingcontinuous monitoringrisk managementdocumentation

Soft Skills

communication skillsinterpersonal skillsanalytical skillsattention to detailstakeholder managementorganizational skillsproject managementintegrityprofessionalismstress management

Certifications

Bachelor's degreeISO 27001NISTSOC 2PCI DSS