GRC Analyst
Every successful cybersecurity program requires judicious risk management and informed oversight. This career path is designed to provide you with the foundational knowledge and key skills required to succeed as a GRC Analyst or in any role that involves managing governance, risk, and compliance. Upon completing the career path, you will earn a Credly digital badge that will demonstrate to employers that you’re ready for the job.
16
H
7
M
Intermediate
20000
1
Learners at 96% of Fortune 1000 companies trust Cybrary
.svg){kind=small}
About this Career Path
Effective Leadership and Management is critical to any security-related function. Cybrary’s Leadership and Management Career Path will equip you with essential leadership knowledge and hands-on skills. Over the course of 20+ courses, you will learn Leadership and Management Fundamentals, Soft Skills, Leadership Principles, Cybersecurity Leadership, and Strategic Leadership.
Completing this career path and the associated Assessments will prepare you for pursuing a career as a leader or manager for IT and cybersecurity-related functions.
Skills you'll gain
- Cybersecurity leadership and management fundamentals
- Soft skills
- Leadership principles
- Cybersecurity leadership
Path Outline
Collection Outline
Coming Soon
The Leadership and Management Career Path is expected to release in Q2 of 2025. Sign up now to explore our other leadership courses and content.
Start Learning for FreeLearn
Learn core concepts and get hands-on with key skills.
Governance Basics
In this course, you will be introduced to the basics of governance. You will learn about accountability, transparency and oversight in GRC, as well as the distinctions between governance and management.
Cybersecurity Program Management
In this course, you will be introduced to the foundations of cybersecurity program management. You will learn about cybersecurity roles, teams, and structures, program planning and budgeting as well as supply chain and third-party cybersecurity.
Policies, Standards, and Procedures
In this course, you will be introduced to the hierarchy of policies, standards, procedures. You will also learn about lifecycle management.
Security Controls and Monitoring
In this course, you will be introduced to security controls. You will learn about control frameworks and classifications, how to implement technical security controls as well as monitoring and metrics for controls.
Introduction to Security Auditing
In this course, you will be introduced to the basics of security auditing. You will learn about planning and scoping an audit, executing audit fieldwork as well as analyzing findings and reporting.
Compliance Basics
In this course, you will be introduced to the basics of compliance. You will learn about roles and responsibilities, compliance program structure and maturity models, as well as evidence, documentation and reporting.
GDPR Compliance
In this course, you will be introduced to General Data Protection Regulation (GDPR) Compliance. You will learn about data subject rights, lawful bases and consent, data controllers and processors as well as breach notifications and enforcement.
HIPAA Compliance
In this course, you will be introduced to Health Insurance Portability and Accountability Act (HIPAA) Compliance. You will learn about the privacy, security, and breach notification rules as well as compliance and enforcement.
PCI Compliance
In this course, you will be introduced to PCI DSS, or the Payment Card Industry Data Security Standard. You will learn about the core requirements, assessment process, and how to maintain compliance.
FISMA Compliance
In this course, you will be introduced to Federal Information Security Modernization Act (FISMA) Compliance. You will learn about the NIST Risk Management Framework (RMF), FISMA reporting and metrics, roles and responsibilities, as well as continuous monitoring and maturity.
ISO/IEC 27001 Compliance
In this course, you will be introduced to ISO/IEC 27001 Compliance. You will learn about risk assessment and treatment, as well as certification and continuous improvement.
GLBA Compliance
In this course, you will be introduced to compliance for the Gramm-Leach-Bliley Act (GLBA). You will learn about privacy rule requirements, safeguards rule implementation, compliance roles and training, as well as audit and enforcement.
CMMC Compliance
In this course, you will be introduced to Cybersecurity Maturity Model Certification (CMMC) Compliance. You will learn about the CMMC domains and practices, the assessment and certification, how to maintain compliance as well as how to integrate CMMC with GRC.
Risk Management Basics
In this course, you will be introduced to the basics of risk management. You will learn about roles and responsibilities, the risk management lifecycle, as well as how to measure and communicate risk.
In this course, you will be introduced to the foundations of IT asset management. You will learn about building a complete asset inventory, criticality mapping and business value, asset ownership and accountability, as well as using inventories for risk decision making.
Business Impact Analysis
In this course, you will be introduced to the purpose of a business impact analysis. You will learn about identifying business processes and dependencies, impact assessment and prioritization, as well as how to maintain and update the business impact analysis.
Risk Assessments
In this course, you will be introduced to risk assessments. You will learn how to conduct a risk assessment, qualitative and quantitative techniques, as well as how to integrate risk assessments with GRC.
Risk Profile
In this course, you will be introduced to risk profiles. You will learn how to define a risk profile, build an organizational risk profile, use the risk profile for decision-making, as well as how to report risk posture.
Vulnerability Prioritization
In this course, you will be introduced to vulnerabilities. You will learn about scanning and discovery, prioritization models, how to operationalize vulnerability management, as well as vulnerability governance.
Risk Mitigation
In this course, you will be introduced to mitigation strategies. You will learn about designing effective controls, implementing mitigation plans, monitoring and validating controls, as well as reporting mitigation progress.
Practice
Exercise your problem-solving and creative thinking skills with security-centric puzzles
Case Study: Control Drift
In this challenge, you will review a case study about security controls and monitoring. You will consider the benefits of two approaches to overhauling a monitoring and control assurance program.
Case Study: Policy Fragmentation
In this challenge, you will review a case study about policies, standards & procedures. You will consider the benefits of two approaches to managing a compliance program.
Case Study: Unlawful Data Flow
In this challenge, you will review a case study about GDPR compliance & cross-border data transfers. You will consider the benefits of two approaches to reform the organization’s international data transfer practices.
Case Study: Cardholder Leakage
In this challenge, you will review a case study about payment security and cardholder data mismanagement. You will consider the benefits of two approaches to reforming an existing PCI compliance program.
Case Study: Third-Party Access
In this challenge, you will review a case study about third-party access. You will consider the benefits of real-time monitoring improvements or governance-driven oversight reforms.
Case Study: Change Control Failure
In this challenge, you will review a case study about monitoring and governance. You will consider the benefits of two approaches to reform after a breach.
Prove
Assess your knowledge and skills to identify areas for improvement and measure your growth
Governance
Test your knowledge of Governance to identify strengths, gaps, and weaknesses in areas like program management, policies, standards, and procedures, controls and monitoring, and auditing. Measure your mastery of governance and advance your career with targeted course recommendations.
Compliance
Test your knowledge of Compliance to identify strengths, gaps, and weaknesses in areas like GDPR, HIPAA, PCI DSS, and more. Measure your mastery of compliance and advance your career with targeted course recommendations.
Risk Management
Test your knowledge of Risk Management to identify strengths, gaps, and weaknesses in areas like IT asset inventory & criticality mapping, business impact analysis, risk assessment and mitigation, and vulnerability prioritization. Measure your mastery of risk management and advance your career with targeted course recommendations.
Share Your Achievement
When you complete this path, share your success with your network. Highlighting your new knowledge and skills show peers and potential employers your cybersecurity expertise and commitment to professional growth.
When you complete this collection, share your success with your network. Highlighting your new knowledge and skills show peers and potential employers your cybersecurity expertise and commitment to professional growth.
Train Your Team
Cybrary’s expert-led cybersecurity courses help your team remediate skill gaps and get up-to-date on certifications. Utilize Cybrary to stay ahead of emerging threats and provide team members with clarity on how to learn, grow, and advance their careers within your organization.
Instructors
Instructors
Learn
Learn core concepts and get hands-on with key skills.
Practice
Exercise your problem-solving and creative thinking skills with security-centric puzzles
Prove
Assess your knowledge and skills to identify areas for improvement and measure your growth
Get Hands-on Learning
Put your skills to the test in virtual labs, challenges, and simulated environments.
Measure Your Progress
Track your skills development from lesson to lesson using the Cybrary Skills Tracker.
Connect with the Community
Connect with peers and mentors through our supportive community of cybersecurity professionals.
Success from Our Learners
