Hewlett Packard Enterprise
Cybersecurity GRC Tool Analyst
This role has been designed as ‘Hybrid’ with an expectation that you will work on average 2 days per week from an HPE office.
Who We Are: Hewlett Packard Enterprise is the global edge‑to‑cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE.
Job Description: We are seeking a
Cybersecurity GRC Tool Analyst
to analyze the technology requirements of the various functions and processes within the team. This will include administration, features analysis and enhancements, analyzing integrations with related upstream and downstream systems, analysis of data migration, creation of metrics and dashboards, etc. This role will also focus on a strategic solution (including automation and AI), ensuring the GRC platform effectively supports cybersecurity governance and risk management processes across the organization.
What You’ll Do:
Administer and maintain the GRC platform, including configurations, workflows, and reporting dashboards.
Support the integration of the GRC tool with key enterprise systems (e.g., asset inventory, ticketing systems, vulnerability management tools).
Collaborate with cybersecurity, policy, risk, compliance, and IT teams to capture business requirements and translate them into functional tool capabilities.
Assist in onboarding and managing control frameworks (e.g., ISO 27001, SOC 2, NIST CSF, FedRAMP) within the platform.
Monitor data quality, ensure accurate reporting, and maintain platform integrity.
Support control owners and stakeholders in using the GRC platform for assessments, evidence collection, and tracking remediation activities.
Maintain user roles and permissions, ensuring proper access management.
Document processes, workflows, and platform configurations.
Provide training and guidance to end users on tool functionality and best practices.
Coordinate with tool vendors for issue resolution, upgrades, and enhancements.
Key Competencies:
Expert at working with Governance Risk & Compliance platforms (e.g., Archer, ServiceNow GRC, AuditBoard, Drata, OneTrust, or similar).
Strong understanding of cybersecurity and compliance frameworks (e.g., NIST CSF, ISO 27001).
Experience with basic integrations and workflow configurations.
Strong organizational skills and attention to detail.
Ability to work effectively with technical and non‑technical stakeholders.
Excellent documentation, communication, and problem‑solving skills.
Qualifications and Education:
Bachelor’s degree in Information Security, Information Technology, Risk Management or a related field, or equivalent experience.
CISSP, ISO 27001 Lead Implementer, or similar.
GRC platform certifications (e.g., Archer Certified Professional, ServiceNow GRC, Drata Admin, OneTrust Certified).
ITIL Foundation (a plus).
Desired Experience:
5‑7 years of experience in Information Security, IT Governance, or Risk Management.
5+ years of experience working with GRC platforms (e.g., Archer, ServiceNow GRC, AuditBoard, Drata, OneTrust, or similar).
Additional Skills: Accountability, Action Planning, Active Learning, Active Listening, Agile Methodology, Bias, Business, Coaching, Creativity, Critical Thinking, Cybersecurity, Data Analysis Management, Data Collection Management, Data Controls, Design Thinking, Development Methodologies, Empathy, Follow‑Through, Growth Mindset, Implementation Methodologies, Infrastructure Design, Intellectual Curiosity, Long Term Planning, Managing Ambiguity.
What We Can Offer You: Health & Wellbeing: We strive to provide our team members and their loved ones with a comprehensive suite of benefits that support their physical, financial, and emotional wellbeing.
Personal & Professional Development: We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have—whether you want to become a knowledge expert in your field or apply your skills to another division.
Unconditional Inclusion: We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.
Let’s Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE.
Salary: USD Annual Salary: $105,500.00 - $243,000.00
CAD Annual Salary: $97,600.00 - $181,000.00
Equal Employment Opportunity: HPE is an Equal Employment Opportunity/Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need.
#J-18808-Ljbffr
Who We Are: Hewlett Packard Enterprise is the global edge‑to‑cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE.
Job Description: We are seeking a
Cybersecurity GRC Tool Analyst
to analyze the technology requirements of the various functions and processes within the team. This will include administration, features analysis and enhancements, analyzing integrations with related upstream and downstream systems, analysis of data migration, creation of metrics and dashboards, etc. This role will also focus on a strategic solution (including automation and AI), ensuring the GRC platform effectively supports cybersecurity governance and risk management processes across the organization.
What You’ll Do:
Administer and maintain the GRC platform, including configurations, workflows, and reporting dashboards.
Support the integration of the GRC tool with key enterprise systems (e.g., asset inventory, ticketing systems, vulnerability management tools).
Collaborate with cybersecurity, policy, risk, compliance, and IT teams to capture business requirements and translate them into functional tool capabilities.
Assist in onboarding and managing control frameworks (e.g., ISO 27001, SOC 2, NIST CSF, FedRAMP) within the platform.
Monitor data quality, ensure accurate reporting, and maintain platform integrity.
Support control owners and stakeholders in using the GRC platform for assessments, evidence collection, and tracking remediation activities.
Maintain user roles and permissions, ensuring proper access management.
Document processes, workflows, and platform configurations.
Provide training and guidance to end users on tool functionality and best practices.
Coordinate with tool vendors for issue resolution, upgrades, and enhancements.
Key Competencies:
Expert at working with Governance Risk & Compliance platforms (e.g., Archer, ServiceNow GRC, AuditBoard, Drata, OneTrust, or similar).
Strong understanding of cybersecurity and compliance frameworks (e.g., NIST CSF, ISO 27001).
Experience with basic integrations and workflow configurations.
Strong organizational skills and attention to detail.
Ability to work effectively with technical and non‑technical stakeholders.
Excellent documentation, communication, and problem‑solving skills.
Qualifications and Education:
Bachelor’s degree in Information Security, Information Technology, Risk Management or a related field, or equivalent experience.
CISSP, ISO 27001 Lead Implementer, or similar.
GRC platform certifications (e.g., Archer Certified Professional, ServiceNow GRC, Drata Admin, OneTrust Certified).
ITIL Foundation (a plus).
Desired Experience:
5‑7 years of experience in Information Security, IT Governance, or Risk Management.
5+ years of experience working with GRC platforms (e.g., Archer, ServiceNow GRC, AuditBoard, Drata, OneTrust, or similar).
Additional Skills: Accountability, Action Planning, Active Learning, Active Listening, Agile Methodology, Bias, Business, Coaching, Creativity, Critical Thinking, Cybersecurity, Data Analysis Management, Data Collection Management, Data Controls, Design Thinking, Development Methodologies, Empathy, Follow‑Through, Growth Mindset, Implementation Methodologies, Infrastructure Design, Intellectual Curiosity, Long Term Planning, Managing Ambiguity.
What We Can Offer You: Health & Wellbeing: We strive to provide our team members and their loved ones with a comprehensive suite of benefits that support their physical, financial, and emotional wellbeing.
Personal & Professional Development: We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have—whether you want to become a knowledge expert in your field or apply your skills to another division.
Unconditional Inclusion: We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.
Let’s Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE.
Salary: USD Annual Salary: $105,500.00 - $243,000.00
CAD Annual Salary: $97,600.00 - $181,000.00
Equal Employment Opportunity: HPE is an Equal Employment Opportunity/Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need.
#J-18808-Ljbffr