Information Security Analyst - GRC platform
About this role
What you will do
This role supports and improves the company’s information security and compliance program. You’ll manage Governance, Risk & Compliance (GRC) tools, automate compliance processes, and work with IT, Security, and Audit teams to strengthen controls and support audits.
How you will do it
GRC Tooling, Administration & Automation
Manage and maintain GRC/compliance tools used for control monitoring, evidence collection, risk assessments, and issue tracking.
Automate compliance workflows, integrate tools with systems like IAM and ticketing, and create dashboards and reports.
Controls, Compliance Frameworks & Audit Support
Support security controls aligned with ISO 27001, SOC 2, PCI DSS, and IT General Controls.
Translate audit and compliance requirements into tooling workflows and support audit evidence collection and traceability.
Cross-Functional Partnership
Work with IT Compliance, Risk, Security, and Engineering teams to define controls and improve processes.
Clearly communicate requirements and status to both technical and non‑technical stakeholders.
Operational Support & Documentation
Handle daily administration of compliance tools, including access, configuration, and data quality.
Troubleshoot tool issues and maintain documentation, configurations, and standard operating procedures (SOPs).
Data Quality & Evidence Management
Define and enforce standards for compliance evidence (naming, retention, versioning).
Ensure evidence is accurate, complete, and audit‑ready.
What we look for
Required
Experience in IT Compliance, IT Audit, or Information Security.
Understanding of IT controls, risk management, or compliance frameworks.
Experience with supporting automation (e.g., workflow automation, scripting, integrations, or reporting).
Familiarity with GRC or related tools (e.g., ServiceNow GRC, OneTrust, Jira, SIEM/SOAR, IAM platforms).
Ability to turn compliance requirements into technical solutions.
Preferred
Experience with AuditBoard (CrossComply) or similar GRC platforms for control management, evidence collection, and audit workflows.
Exposure to SOX ITGC, SOC 1/2, or ISO 27001.
Reporting and analytics skills (Power BI, Excel).
Scripting or automation experience (Python, PowerShell, APIs).
Relevant certifications (CISA, CISSP, CRISC, ISO 27001).
Our salary and benefits
The initial basic salary for this position will be in the range of €2,430 – €3,807 per month, plus a 13th month salary applied after your first 6 months in the job. The final package will reflect your experience, skills, and qualifications relevant to the role. We are committed to fair, equitable, and gender-neutral pay practices.
At Johnson Controls, your work comes with benefits that support both your career and your wellbeing.
Meal vouchers fully covered by the company.
Flexible benefits budget with access to 3,500+ options, including a MultiSport card, medical and wellness services.
Extra savings through retail and lifestyle discounts (Benefit+).
Allowance for private kindergarten or nursery to support your family.
Flexible working hours and home office days (12 days per month with allowance).
Allowance for language courses, professional development support, and wellbeing support.
On-site benefits: massages, fruit distribution, yoga, psychologist, health month, various events with supporting groups (volunteering activities, branding activities).
Seniority benefits - extra monthly financial allowance, medical care and support, wellbeing day.
Relocation support with housing allowance if moving to Slovakia.
About Us
Johnson Controls, a global leader in thermal management, mission-critical building systems, energy efficiency, and decarbonization, helps customers use energy more productively, reduce carbon emissions, and operate with the precision and resilience required in rapidly expanding industries such as data centers, healthcare, pharmaceuticals, advanced manufacturing, and higher education.
For more than 140 years, Johnson Controls has delivered performance where it really matters. Backed by advanced technology, lifecycle services and an industry-leading field organization, we elevate customer performance, turn goals into real-world results and help move society forward.
We are committed to diversity and inclusion and believe that different perspectives make us stronger. By encouraging open dialogue and valuing individuality, we strive to be one of the most desirable places to work.