Junior BCP and GRC Analyst

Job DescriptionAbout Us
HiBob helps modern, mid-size businesses transform the way they manage people, giving HR and managers all they need to connect, engage, develop, and retain top talent. Since 2015, we’ve achieved consecutive triple-digit year-over-year growth, all backed by our amazing team of Bobbers from across the globe, making us the choice HRIS of over 1500 midsize and multinational companies.
Our HR platform is intuitive, data-driven, and built for the way people work today: globally, remotely, and collaboratively. Fast-growing companies across the globe such as Monzo, Happy Socks, Gong, Fiverr, and VaynerMedia rely upon Bob to help them create the best work experiences for their people.
Come and be you with us 
Being a Bobber is all about being you. We want you to bring all parts of yourself to work, giving you the freedom and confidence to be the best you and do your best work. If that’s bubbly, shy, precise, funny, bold, kind, honest, brilliant, or anything in between, we’re waiting with open arms. Come join us.
About the Job
 We’re looking for a Junior BCP and GRC Analyst to join our team and help strengthen the organization's resilience and compliance frameworks. In this role, you will support the development and implementation of Business Continuity Plans (BCP), Disaster Recovery (DR) strategies, and security governance practices across the company.
You’ll work closely with IT, Security, Legal, and Operations teams to coordinate drills, write and embed security policies, manage vendor risk assessments, and assist in internal and external audits. This role is ideal for someone who is detail-oriented, proactive, and eager to grow in the fields of risk management, cyber security, and compliance.
If you have strong organizational skills, a good understanding of security standards (such as ISO 27001, SOC 2, GDPR), and thrive in a dynamic, Job Requirements

• 1–2 years of experience in a similar role within a large enterprise or an international consulting firm.
• Understanding of regulatory frameworks and security standards such as SOC 2, ISO 27001, GDPR.
• Familiarity with BCP and DR concepts and basic operational and IT risk management understanding.
• Familiarity with cloud security concepts and multi-cloud environments (AWS).
• Strong time management skills, ability to manage multiple tasks, and meet deadlines independently.
• Fluent English – interviews and daily work will require English communication.
• Academic degree (Bachelor’s or higher) in Business, Information Security, Law, or a related field.
• High attention to detail, strong organizational skills, and a proactive approach.

Optional:

• Professional certifications in information security or risk management (CISA, CRISC, CISM, CISSP, or similar).
• Experience conducting security risk assessments and working with auditors or regulatory bodies.
• Experience working with GRC and security compliance platforms like Panorays, Anecdotes, Vanta, etc.

• Assist in developing, implementing, and maintaining BCP and DR plans across the organization.
• Help coordinate and conduct BCP/DR drills and exercises.
• Write, implement, and embed security policies and procedures according to international standards (ISO, NIST, GDPR, etc.).
• Manage supply chain cyber risks, including assessments of local and international vendors.
• Respond to security questionnaires from customers and prospects.
• Assist with internal audits, external certification audits (e.g., ISO 27001, SOC2), and regulatory assessments.
• Collaborate with IT, Security, Legal, and Operations teams to strengthen resilience and compliance frameworks.