Senior IT - GRC Analyst

Are you looking for a unique opportunity to be a part of something great? Want to join a 17,000-member team that works on the technology that powers the world around us? Looking for an atmosphere of trust, empowerment, respect, diversity, and communication? How about an opportunity to own a piece of a multi-billion dollar (with a B!) global organization? We offer all that and more at Microchip Technology Inc.

People come to work at Microchip because we help design the technology that runs the world. They stay because our culture supports their growth and stability. They are challenged and driven by an incredible array of products and solutions with unlimited career potential. Microchip’s nationally-recognized Leadership Passage Programs support career growth where we proudly enroll over a thousand people annually. We take pride in our commitment to employee development, values-based decision making, and strong sense of community, driven by our Vision, Mission, and 11 Guiding Values; we affectionately refer to it as the Aggregate System and it’s won us countless awards for diversity and workplace excellence.

Our company is built by dedicated team players who love to challenge the status quo; we did not achieve record revenue and over 30 years of quarterly profitability without a great team dedicated to empowering innovation. People like you.

Visit our careers page to see what exciting opportunities and company perks await!

Job Description:

Job Summary:

Microchip Technology Inc. is seeking an experienced Senior IT GRC Analyst with a strong foundation in IT audit and information security controls to support our compliance initiatives, including ISO 27001 and TISAX. This role will play a key part in maintaining our governance, risk, and compliance frameworks, performing control assessments, and ensuring alignment between IT operations, security, and business objectives.

The ideal candidate has hands-on experience assessing IT controls and risks, collaborating with auditors, and supporting global compliance and certification programs.

Key Responsibilities:

• Support and maintain the Information Security Management System (ISMS) aligned with ISO 27001 and TISAX requirements.
• Perform risk assessments, control testing, and gap analysis to ensure IT controls meet internal and external standards.
• Assist in preparing for internal and external audits, including evidence collection, walkthroughs, and remediation tracking.
• Work closely with IT , security, and business stakeholders to document and strengthen IT general controls (ITGCs).
• Monitor and report on compliance status, control performance, and audit findings.
• Help mature enterprise GRC processes, including risk management, policy governance, and issue tracking.
• Support continuous improvement initiatives in security, compliance, and audit readiness.
• Stay current on emerging standards, frameworks, and best practices (ISO 27001:2022, TISAX, SOC 2, NIST, etc.).

Requirements/Qualifications:

• Bachelor’s degree in information systems, Computer Science, Accounting, or a related field.
• 5+ years of experience in GRC, IT audit, or IT compliance roles.
• Strong understanding of IT General Controls (ITGCs) across domains such as access management, change management, operations, and security.
• Experience supporting ISO 27001, TISAX, SOC 2, or similar compliance frameworks.
• Ability to educate and guide on compliance framework and control implementations.
• Familiarity with risk and control frameworks (e.g., COBIT, NIST, COSO).
• Excellent communication skills and ability to work cross-functionally with global teams.
• Detail-oriented with strong analytical and documentation skills.

Preferred Skills:

• Relevant certifications: CISA, CRISC, CISM, CISSP, and CGEIT.
• Experience using GRC tools such as ServiceNow and Diligent.
• Prior experience in manufacturing or automative environment.

Travel Time:

0% - 25%

To all recruitment agencies: Microchip Technology Inc. does not accept unsolicited agency resumes. Please do not forward resumes to our recruiting team or other Microchip employees. Microchip is not responsible for any fees related to unsolicited resumes.