GRC Analyst

Our Company We're Hitachi Digital, a company at the forefront of digital transformation and the fastest growing division of Hitachi Group. We're crucial to the company's strategy and ambition to become a premier global player in the massive and fast-moving digital transformation market Our group companies, including GlobalLogic, Hitachi Digital Services, Hitachi Vantara and more, offer comprehensive services that span the entire digital lifecycle, from initial idea to full-scale operation and the infrastructure to run it on. Hitachi Digital represents One Hitachi, integrating domain knowledge and digital capabilities, and harnessing the power of the entire portfolio of services, technologies, and partnerships, to accelerate synergy creation and make real-world impact for our customers and society as a whole Imagine the sheer breadth of talent it takes to unleash a digital future. We don't expect you to 'fit' every requirement – your life experience, character, perspective, and passion for achieving great things in the world are equally as important to us

The Team

We are the Governance Risk and Compliance (GRC) Team, part of Cybersecurity at Hitachi Digital, and we are passionate advocates of information security, cybersecurity We maintain key standards and frameworks in our environment for GRC Capabilities in our corporate environment. We are out-of-the-box thinkers, innovators, and team players. We constantly seek new and better ways of doing things. We need highly motivated individuals to join our dynamic team who have positive attitudes and want to be part of something special. We strive for nothing less than the very best Governance, Risk and Compliance Team.

The Role

Governance & Compliance

• Assist in the development and maintenance of GRC policies, procedures, and standards.
• Monitor compliance with internal policies and external regulations (e.g., GDPR, ISO 27001, SOX).
• Support internal and external audits, including evidence collection and remediation tracking.

Risk Management

• Conduct risk assessments across business units and IT systems.
• Maintain the risk register and track mitigation plans.
• Support business continuity and incident response planning.
• Third-Party Risk Management (TPRM)
• Perform due diligence and risk assessments on new and existing vendors.
• Maintain a third-party inventory and risk classification.
• Collaborate with procurement, legal, and business units to ensure vendor compliance with security and privacy requirements.
• Monitor vendor performance and reassess risk periodically.

Reporting & Analytics

• Prepare dashboards and reports for leadership on risk posture, compliance status, and third-party risk.
• Track and report on key risk indicators (KRIs) and key performance indicators (KPIs).

What You'll Bring

• Bachelor's degree in Information Security, Risk Management, Business, or related field.
• 2–4 years of experience in GRC, risk management, or compliance roles.
• Familiarity with regulatory frameworks (e.g., NIST, ISO 27001, SOC 2, HIPAA).
• Experience with third-party risk management tools and processes.
• Strong analytical, communication, and stakeholder management skills.
• Proficiency in GRC platforms (e.g., Archer, ServiceNow GRC, OneTrust) is a plus.
• Preferred Certifications
• Certified in Risk and Information Systems Control (CRISC)
• Certified Information Systems Auditor (CISA)
• ISO 27001 Lead Implementer or Auditor
• About us

About us We're a global, 1000-strong, diverse team of professional experts, promoting and delivering Social Innovation through our One Hitachi initiative (OT x IT x Product) and working on projects that have a real-world impact. We're curious, passionate and empowered, blending our legacy of 110 years of innovation with our shaping our future. Here you're not just another employee; you're part of a tradition of excellence and a community working towards creating a digital future #LI-RR

Championing diversity, equity, and inclusion

Diversity, equity, and inclusion (DEI) are integral to our culture and identity. Diverse thinking, a commitment to allyship, and a culture of empowerment help us achieve powerful results. We want you to be you, with all the ideas, lived experience, and fresh perspective that brings. We support your uniqueness and encourage people from all backgrounds to apply and realize their full potential as part of our team.

How we look after you

We help take care of your today and tomorrow with industry-leading benefits, support, and services that look after your holistic health and wellbeing. We're also champions of life balance and offer flexible arrangements that work for you (role and location dependent). We're always looking for new ways of working that bring out our best, which leads to unexpected ideas. So here, you'll experience a sense of belonging, and discover autonomy, freedom, and ownership as you work alongside talented people you enjoy sharing knowledge with.

We're proud to say we're an equal opportunity employer and welcome all applicants for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran, age, disability status or any other protected characteristic. Should you need reasonable accommodations during the recruitment process, please let us know so that we can do our best to set you up for success.

---