PLEASE NOTE: Sysco does not charge a fee at any stage of the recruitment process. Any requests for the payment of fees should be refused and reported to local law enforcement for appropriate action.

Cybersecurity Governance, Risk & Compliance Analyst (GRC Analyst)

Global Service Center - Costa Rica

Job ID R219404 Date posted 09/23/2025

Company Overview

Sysco connects the world to share food and care for one another. Sysco leads from the heart of food and service to deliver the freshest foods and innovative ideas to restaurants, healthcare facilities, educational institutions, lodging establishments, and other customers who prepare meals away from home. Our customers can count on us to deliver accurate products and solutions, because only Sysco is the global leader at the center of innovation in sourcing, delivery, cooking, and more.

Description

The Analyst will be responsible for the planning and coordination of cybersecurity operational activities to ensure adherence to government regulations, industry standards, and corporate policies. This role includes implementing training, recording and tracking violations, following through on remediation, and ensuring continuous compliance across departments. The associate will also conduct ongoing research to stay up to date with evolving regulations and work closely with leadership and other departments to strengthen the organization’s cybersecurity governance framework.

Primary Responsibilities

  • Execute cybersecurity due diligence activities, partnering with business and technology teams to identify, assess, and communicate cyber risks across the enterprise.

  • Perform risk assessments and support the management of risk registers to ensure accurate tracking and remediation of identified issues.

  • Support and enhance cyber governance and compliance initiatives, ensuring alignment with internal policies and external regulations.

  • Apply NIST Cybersecurity Framework (CSF) and other industry standards to evaluate and improve the organization’s security posture.

  • Utilize RSA Archer (or similar GRC tools) for risk management, reporting, and exception tracking.

  • Design, build, and communicate metrics, dashboards, and compliance reporting for senior leadership.

  • Support exception management processes, documenting, tracking, and closing out risk exceptions in collaboration with stakeholders.

  • Design and implement continuous improvement opportunities to reduce cyber risk and improve process efficiency using industry best practices.

  • Report findings, rate the risk associated with each, and collaborate with technical teams to ensure timely remediation.

  • Monitor and maintain compliance with applicable cybersecurity policies, frameworks, and standards (e.g., NIST, ISO 27001, SOX, GDPR).

Education

  • Bachelor’s Degree in Information Technology, Information Systems, Computer Science, or a related technical field.
    (Equivalent experience may be considered in lieu of formal education.)

Experience

  • 5 years of experience in cybersecurity, particularly in governance, risk management, compliance (GRC), risk assessment, or audit.

  • Strong experience in cybersecurity project management and budget oversight.

  • Proven experience with NIST CSF, Archer GRC, and compliance monitoring frameworks.

  • Solid background in cyber risk management, process improvement, and security control assessments.

  • Experience in large enterprise or multinational environments.

  • Excellent oral and written communication skills, with the ability to engage and influence senior stakeholders.

Certifications

  • Cybersecurity certification (e.g., CompTIA Security+, CySA+, or equivalent).
  • CISSP, CISM, CTPRP, or other advanced governance and risk management certifications.

Skills

  • Strong knowledge of cyber governance, risk, and compliance frameworks.

  • Proficient with risk assessment methodologies, exception management, and control validation.

  • Excellent analytical, organizational, and strategic planning skills.

  • Comfortable working in cross-functional, global teams and managing competing priorities.

  • Ability to make decisions with incomplete information in dynamic environments.

  • Strong documentation, presentation, and stakeholder management skills.

  • Ability to work independently while collaborating with geographically dispersed teams.

Language Requirements

  • Fluency in written and spoken English (minimum B2+).

About the Position:

  • This is a hybrid position with on-site presence required based on business needs. (Ultra park II Lagunilla, Heredia)
  • Private Medical Insurance
  • Solidarity association (Asociación Solidarista)
  • Life Insurance
  • Personal Day Off
