GRC Analyst

Job Description

ABOUT US

Seaboard Overseas and Trading Group (SOTG), a division of the Fortune 500 Seaboard Corporation, is a globally integrated leader in agricultural commodity trading, processing, and logistics. With milling facilities in 14 locations across 10 countries and 10 trading offices in 9 countries, we produce approximately two million metric tons of grain-based products annually.

Our vertically integrated approach—spanning procurement, transportation, and processing—ensures quality, consistency, and supply chain efficiency. We manage bulk freight and chartered vessels, overseeing logistics for both in-house and third-party customers. Every year, we source, transport, and market around 14 million metric tons of diverse commodities, supporting food security and economic growth in the regions we serve.

At SOTG, we are driven by innovation, collaboration, and sustainability. Our business model fosters an entrepreneurial mindset, empowering our teams to take ownership, find creative solutions, and drive impact.

GENERAL PURPOSE

As a GRC Analyst, you will play a critical role in advancing the organization’s information security, compliance, and data protection objectives. This position supports the execution of security governance frameworks, risk management initiatives, and compliance monitoring with regulatory standards and corporate policies. You will also contribute to the data protection strategy by assisting in the implementation of classification and data loss prevention (DLP) programs across the enterprise.

Duties And Responsibilities

Support the execution of the enterprise-wide security compliance program with guidance from management.
Conduct periodic gap assessments and audits to validate compliance with internal policies and external frameworks (e.g., NIST 800-53, CIS Benchmarks, ISO standards).
Document and report control failures or compliance gaps to stakeholders and track remediation efforts.
Support internal and external audit activities by gathering evidence, compiling documentation, and coordinating stakeholder interviews.
Collaborate with internal teams, Legal, HR, and third-party auditors to ensure compliance with regulatory and contractual obligations.
Advise on updates to security, privacy, and data protection policies, standards, and procedures.
Perform third-party risk assessments and support vendor due diligence processes to ensure alignment with security and privacy requirements.
Assist in the launch and improvement of data classification pilot programs and help Data Stewards implement data handling standards.
Configure and maintain data protection tools, including DLP and classification solutions (e.g., scan setup, rule tuning, result validation).
Collaborate with cybersecurity teams to optimize technical controls such as DLP, CASB, and encryption for data protection.
Participate in investigations involving potential data incidents or DLP violations, supporting root cause analysis and corrective actions.
Deliver training and awareness initiatives related to secure data handling and classification responsibilities.
Track and report on key performance indicators (KPIs) tied to data protection, classification accuracy, and DLP coverage.
Stay informed on emerging security threats, regulatory changes, and industry compliance trends.
Contribute to enterprise data discovery initiatives to identify and inventory sensitive data assets.
Develop proficiency in classification, data discovery, and DLP tools and assist in configuring, maintaining, and optimizing their use.
Maintain accurate documentation for tool usage, DLP processes, and configuration standards.
Provide support to the GRC team by supplying relevant data for internal audits, risk assessments, and external compliance reporting.
Perform additional tasks and responsibilities as assigned.

Education And Experience

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
Information security certifications such as Security+, CIPT, CISA, or CISSP are considered a plus.
Minimum 3 years of experience in cybersecurity, GRC, or IT compliance role with a focus on policy, risk, or data protection.
Experience supporting audits, assessments, or compliance programs aligned with standards such as NIST, CIS, ISO 27001, or GDPR.
Familiarity with third-party risk management and vendor security evaluations,
Knowledge of data discovery, classification, and DLP solutions; prior tool configuration experience is a plus
Experience implementing and supporting data security tools such as Data Loss Prevention (DLP), classification, or governance technologies.
Solid understanding of data protection principles, including classification, labeling, encryption, and secure data handling.
Strong analytical and problem-solving skills with the ability to assess risks and identify practical, effective solutions.
Demonstrated ability to work across technical and business teams to communicate security requirements clearly and effectively.
Familiarity with regulatory compliance standards and frameworks such as GDPR, CIS 18 etc. and experience supporting associated audits or assessments.
Highly organized with strong attention to detail and the ability to manage multiple tasks or projects simultaneously.
Proficiency in documenting processes, interpreting technical data, and producing reports for diverse stakeholders.

WORKING ENVIRONMENT/PHYSICAL DEMANDS

Work is performed in a professional office environment and involves frequent contact with others as part of Seaboard’s collaborative culture. This position is office-based with frequent travel to Seaboard-affiliated milling sites across Africa, South America, and the Caribbean. While performing the duties of this job, the employee is regularly required to hear and communicate effectively, verbally and in writing, and with sufficient mobility to perform assigned tasks. Regular use of standard office equipment, such as computers and phones, is required. This role may have physical demands including, but not limited to, lifting, bending, pushing, pulling and/or extended sitting and standing. The employee may occasionally lift and/or move up to 20 pounds. The position requires specific vision abilities, including close vision and the ability to adjust focus. The physical demands described above are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

CORE COMPETENCIES

Customer Focus
Manages Complexity
Decision Quality

Action Orientated

Resourcefulness

Drives Results

Communicates Effectively

Instills Trust

Situational Adaptability