Information Security - GRC Analyst

About The Position

Requirements

• Exceptional attention to detail
• Strong written communication skills
• Professional discretion handling sensitive information
• Foundational understanding of information security concepts (access control, encryption, incident response)
• Exposure or interest in ISO/IEC 27001 or AI governance frameworks (ISO/IEC 42001)
• Suitable for junior candidates (1–3 years) in security, IT, risk, compliance, audit, or related fields, or equivalent demonstrated capability.
• Minimum requirement: Candidate must hold or be able to achieve the ISC2 Certified in Cybersecurity (CC) certification within an agreed onboarding period (company-supported).

Nice To Haves

• Experience supporting audits, vendor risk reviews or privacy compliance is advantageous
• Familiarity with GRC/ticketing/documentation platforms (e.g., ServiceNow/Jira)
• Bachelor’s degree in information security, IT, Risk Management, Compliance, or similar is beneficial but not required with relevant experience.

Responsibilities

• Governance & Management System Support: Maintain documentation and evidence for ISO/IEC 27001 & ISO/IEC 42001; support continual improvement activities.
• Client MSA & Security Requirements Review: Extract and document security requirements from client MSAs; identify gaps and risks; coordinate with Legal and Privacy teams.
• Audit Support: Coordinate internal and client audit requests; collect evidence; ensure traceability between requirements, controls, and evidence.
• Risk Management & Exceptions: Assist with risk assessments for vendors/projects; maintain risk registers; support exception workflows.
• Supplier Reviews: Assess third-party security submissions; track supplier risk ratings and remediation actions.
• Compliance Support: Help map regulatory requirements (HIPAA, GDPR, APPI) to internal controls; maintain compliance documentation.
• Reporting & Improvement: Produce operational reports on audit status/risk metrics; contribute to process improvements.

Benefits

• You'll receive up to a 7% pension contribution, life insurance, income protection, and private medical insurance for peace of mind.
• Enjoy flexible working arrangements, including flexible hybrid working, along with the option to work from anywhere across the globe two weeks each year.
• We provide 25 days of annual leave plus two personal well-being days, along with gifted end-of-year holidays and an early Summer Friday finish in June, July, and August.
• Access free counselling through our employee assistance program, as well as personalized health support.
• Enhanced maternity, paternity, family leave, and fertility policies provide support across every stage of your family-planning journey, as well as on-demand support from our partner Peppy.
• You can also benefit from continuous opportunities to professionally develop with on-demand training, support, and global mobility opportunities across the business.