Your new company:
HAVI, a global leader since 1974, employs over 10,000 people and serves customers in more than 100 countries. Specializing in the foodservice industry, HAVI provides innovative supply chain and logistics solutions, including analytics, planning, distribution, and freight management.
HAVI’s diverse teams collaborate seamlessly across locations and functions, embodying a spirit of integrity and creativity to serve their customers in the best way possible.
Your new role
The GRC Analyst will be responsible for supporting the development, implementation, and operation of a global cybersecurity governance framework across Europe, Asia and North America, within the Governance Risk and Compliance Department.
This person will combine strong analytical and communication skills with practical knowledge of security standards, risk management, and compliance processes to ensure alignment with regulatory and organizational requirements.
The GRC Analyst will collaborate closely with technical teams, business stakeholders, and compliance functions to ensure consistent governance practices, effective control implementation, and ongoing regulatory alignment.
The GRC Analyst will:
- Support the design, implementation and maintenance of the Information Security Management System (ISMS), aligned with ISO 27001;
- Contribute to compliance initiatives with NIS2 and other regional cybersecurity regulations;
- Conduct and document risk assessments, control testing and remediation follow-ups;
- Drive Risk Management (RM) and Third-Party Risk Management processes lifecycle;
- Prepare and deliver audit support documentation, risk reports, and policy updates;
- Participate in cybersecurity projects as a workstream lead or project contributor.
A typical day will include supporting governance frameworks, performing risk assessments, contributing to compliance initiatives, preparing audit documentation, and collaborating with cross-functional teams to ensure effective security and compliance practices.
What you will need to succeed
As a GRC Analyst, you will need:
- Bachelor’s Degree in Information Security, Computer Science, or a related field;
- +5 years of experience working in Information Security, Risk Management, or IT Governance;
- Certifications in ISO 27001 Auditor, CISM, CRISC, or CISSP (would be a plus);
- Experience in Compliance, Cybersecurity Governance and Risk Management practices;
- Experience with cybersecurity standards and frameworks (ISO 27001, NIST CSF and NIS2 Directive);
- Experience with compliance tools, risk registers or GRC platforms;
- Hands-on experience in participating in cybersecurity projects (as a lead or contributor);
- Strong expertise in ISMS implementation and risk assessment methodologies;
- Advanced knowledge of control testing, audit processes and remediation tracking;
- Strong understanding of cybersecurity governance, regulatory compliance and third-party risk management;
- Familiarity with project management practices or methodologies;
- Strong analytical and problem-solving skills;
- Ability to collaborate effectively in cross functional teams;
- Excellent communication skills – Fluency in English.
What the company can offer you
Have the opportunity to join a cross-functional team in an international company with a multicultural working environment!
Next Steps
If you are interested in this opportunity, please send us your updated CV. If you are looking for another type of professional challenge, please contact us to discuss other career opportunities, always in complete confidence.