Cyber Security GRC Senior Analyst

Apply now »

Date: 6 Mar 2026

Location: Pasig, PH

Company: inchcape

Cyber Security GRC Senior Analyst

Location: Philippines
Job Details: Remote


Are you looking to accelerate your professional development, build a brilliant career, and thrive in a highly supportive team? Join Inchcape Digital part of Inchcape’s global network.

You’ll play a key part in delivering great experiences for our customers and colleagues. With lots of interesting opportunities and challenges for you to explore that will take us, and your progression, to the next level.


Our Cyber Security platform is seeking a CYBER SECURITY GRC SENIOR ANALYST  to join our team in The Philippines. The Senior GRC Analyst will support Inchcape’s Global Cybersecurity Education & Awareness program, delivering engaging training and clear security communications across the organization. The role also contributes to Governance, Risk & Compliance activities, including risk management, policy maintenance, compliance support, audits, and third-party risk assessments. 



 What you’ll do


 1. Education & Awareness (Primary Responsibility):

  • Deliver and improve Inchcape’s Global Cyber Education & Awareness program, including phishing simulations and security training .
  • Ensure training content is accurate, relevant, and aligned with emerging human-risk trends.
  • Create engaging cybersecurity communications and training materials (guides, toolkits, newsletters, campaigns).
  • Track program metrics and behavioral trends to measure and improve awareness effectiveness.
  • Collaborate with Global Communications and manage the Cyber Security Intranet Hub to keep resources updated and accessible

 
2. Risk & Issue Management (Contributor Role):

  • Support cybersecurity risk management activities by participating in risk triage forums, maintaining risk and issue records, and contributing to thematic analysis and improvement actions.
  • Assist in maturing metrics-driven risk visibility by helping define requirements for dashboards, reporting, and cross‑regional analysis.
  • Work with risk owners to track remediation progress and escalate delays or gaps where required.

 
3. Policy, Standards & Regulatory Compliance:

  • Support the review, update, and communication of cybersecurity policies, standards, and procedures to ensure alignment with global frameworks (e.g., NIST CSF, ISO 27001, NIS2, PCI DSS).
  • Translate policy and standard requirements into clear, user‑friendly and popularised communications and awareness materials to support organisational adoption.
  • Participate in cybersecurity control assessments, helping collect evidence, track remediation, and integrate outcomes into reporting dashboards and Education & Awareness initiatives.

 
4. Third-Party Risk Management 

  • Assist in third‑party security assessments by reviewing vendor responses, identifying potential control gaps, and coordinating with stakeholders on remediation actions.
  • Support maintenance of TPRM (Third Party Risk Management) processes, documentation, and assessment repositories to ensure audit readiness and consistency across vendor types.


 5. External Audit & Regulatory Readiness

  • Contribute to preparation activities for external audits and regulatory reviews by gathering evidence, validating documentation, and coordinating with control owners.

Support the tracking and remediation of audit findings, ensuring required updates are reflected in both policy and awareness materials.



About you


  • 3+ years of experience in cybersecurity, governance, risk, or compliance, ideally in a global organization.

  • Experience delivering Cybersecurity Education & Awareness programs, including phishing simulations and security training.

  • Strong ability to create clear and engaging security content in English and translate technical topics for non-technical audiences.

  • Knowledge of cybersecurity risk management and frameworks such as ISO 27001, NIST Cybersecurity Framework, PCI DSS, GDPR, and NIS2 Directive.

  • Strong communication, stakeholder management, and analytical skills, with experience supporting risk, compliance, audit, or reporting activities



We offer you


Supportive Environment: Work alongside a dynamic team committed to your success.Career Growth: We're invested in your development and offer ample opportunity for advancement.Work-Life Balance: Enjoy a role that balances strategic analysis with day-to-day business support.Industry Leadership: Be part of a company that leads the transformation of the automotive distribution industry
Start your journey


Worried that you don’t meet all the criteria exactly? We encourage you to apply! Your skills and perspectives may be the perfect fit for this role or another opportunity within our business.


Opportunity for everyone


Inchcape is committed to creating an inclusive and diverse workplace where the power of our differences can be embraced and everyone feels they can belong, be themselves and succeed.


About us

Inchcape is the leading global automotive distributor operating in 38 markets. We partner with some of the biggest brands in the business to sustainably power better mobility today and in the future.Our diverse global team of over 16,000 talented colleagues foster an inclusive and collaborative culture, delivering a brilliant experience for our customers and partners. We’re a dynamic and fast-growing business, driving the transformation of our industry and redefining tomorrow.Inchcape Digital employs over 1,300 team members across Colombia and Philippines. Our portfolio includes vehicle distribution for world-renowned brands, market-leading fulfilment solutions, exceptional retail experiences, and tailored financial services.


Additional information request


Selected candidates will be contacted to initiate our hiring journey. We may request additional information from applicants to better understand your background, qualifications and experience for the role