GRC Specialist
Wood Mackenzie
Posted
Feb 07, 2026
Location
Remote
Type
Full-time
Mission
What you will drive
Key Responsibilities:
- Collect and organize evidence for SOC2 and other internal audits, track remediation items, and maintain a repository of reusable audit evidence
- Coordinate responses to customer and third-party security questionnaires, collaborate with technical owners, and maintain a knowledge base of pre-approved responses
- Update and maintain the cyber risk register, record new risks, assign owners, track remediation/progress, and document Policy Exception Risk Acceptance approvals
- Contribute data for quarterly risk and compliance dashboards, provide metrics on questionnaire volumes, audit findings, and remediation timelines
Impact
The difference you'll make
This role helps ensure Wood Mackenzie maintains strong governance, risk, and compliance practices, which supports the organization's mission to provide trusted analytics and insights that guide energy and natural resource decisions globally.
Profile
What makes you a great fit
- Experience in IT audit, compliance, or GRC operations
- Familiarity with audit frameworks (SOC2, ISO 27001, GDPR)
- Strong organizational skills for evidence collection and tracking
- Ability to manage multiple concurrent requests and deadlines
- Clear written communication for client questionnaires and reports
- Experience in SaaS, data analytics, or regulated industries
- Exposure to vendor/supplier risk assessments
- Experience using GRC platforms (ServiceNow GRC, Archer, or equivalent)
Benefits
What's in it for you
No specific benefits, compensation, or perks mentioned in the job posting.
About
Inside Wood Mackenzie
Wood Mackenzie is the global leader in analytics, insights and proprietary data across the entire energy and natural resources landscape, guiding decisions of influential energy producers, utilities companies, financial institutions and governments for over 50 years.