GRC Analyst

Victoria, Greater London
1 month ago
Create job alert

GRC Analyst – 3-month contract – Fully Remote

My Customer is looking for an experienced GRC Analyst to join the organisation to strengthen governance, risk, and compliance practices and will lead the delivery of ISO 27001 certification within the next 12 months.

The GRC Analyst will focus on maintaining current ISO and SOC 2 standards within the business. Technical understanding would be beneficial but not essential. Knowledge of the requirements of the above standards in relation to contracts and vendor relationships is essential.

Key Skills & Experience from the GRC Analyst:

Proven experience in a GRC, security risk, or compliance role
Certifications for ISO 27001 (Lead Implementer/Auditor), would be required
Strong knowledge of frameworks such as ISO 27001, NIST, SOC 2, CIS, and data protection standards
Onboarding/vendor risk management experience
Hands-on experience supporting or leading ISO 27001 certification activities
Solid understanding of risk assessment, control design, and audit processes
Experience working with GRC tooling, evidence management, and reporting
Experience/Knowledge around high volume data process would be beneficial
Strong documentation, communication, and organisational skills
Experience operating in regulated or security-conscious environments
Experience in the Finance Sector would be beneficial
Key Responsibilities of the GRC Analyst:

Develop and maintain security policies, standards, and procedures aligned to recognised frameworks
Lead ISO 27001 readiness and certification activities, including ISMS support and audit coordination
Conduct risk assessments across systems, processes, and third parties, tracking remediation actions
PoC for legal department - onboarding/vendor/contract risk management
Act as the primary liaison for internal stakeholders and external auditors
Design, test, and monitor security and compliance controls, ensuring evidence is audit-ready
Manage GRC tools and reporting to provide clear insight into risk and compliance posture
Embed security and risk considerations into projects, suppliers, and business initiatives
Monitor regulatory and standards changes and advise on required organisational updates
The GRC Analyst can work fully remote for the duration of the contract.

Apply now to speak with VIQU IT in confidence. Or reach out to Connor Smal via the VIQU IT website.

Do you know someone great? We’ll thank you with up to £1,000 if your referral is successful (terms apply).

For more exciting roles and opportunities like this, please follow us on LinkedIn @VIQU IT Recruitment

Related Jobs

View all jobs

Cyber Risk Analyst

Security Governance & Compliance Analyst - NIST, ISO

Penetration Tester

Information Security GRC Lead

Information Security Specialist

Information Security Technical Assurance Lead

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

SOC Analyst Jobs UK 2026: Salaries, Skills & How to Get Hired

Cyber security is one of the UK's fastest-growing career paths — and SOC analyst is where most people begin. It's in high demand, genuinely accessible, and you don't need a degree or years of experience to get started. But knowing what UK employers actually want in 2026 — what they pay, which certs matter, and how to stand out — is a different matter. This guide covers all of it.

Careers

How Many Cyber Security Tools Do You Need to Know to Get a Cyber Security Job?

If you are trying to build or move forward in a cyber security career, it can feel like the list of tools you are expected to know never ends. One job advert asks for SIEM platforms, another mentions penetration testing tools, another lists cloud security, threat intelligence platforms, endpoint detection, scripting languages and compliance frameworks. Scroll LinkedIn and it gets worse. Everyone seems to “know” dozens of tools, certifications and platforms. Here is the reality most cyber security hiring managers agree on: they are not hiring you because you know every tool. They are hiring you because you understand risk, can think like an attacker and a defender, follow process, communicate clearly and make good decisions under pressure. Tools matter — but only when they support those outcomes. So how many cyber security tools do you actually need to know to get a job? For most job seekers, the answer is far fewer than you think. This article explains what employers really expect, which tools are essential, which are role-specific and how to focus your learning so you look credible, not overwhelmed.

Jobs

What Hiring Managers Look for First in Cyber Security Job Applications (UK Guide)

If you want to stand out in the highly competitive world of cyber security job applications, you need to understand what hiring managers look for before they even finish reading a CV. Cyber security hiring managers scan applications quickly and with specific priorities in mind. They assess not just your technical ability, but your judgement, professionalism, clarity, risk awareness and evidence of impact. This guide explains what hiring managers look for first in cyber security applications across roles like Security Analyst, Security Engineer, Penetration Tester, Incident Responder, Security Architect, Governance Risk and Compliance specialists and Cloud Security positions. Use this as a practical, step-by-step checklist to sharpen your CV, LinkedIn profile, cover letter and portfolio before you apply on www.cybersecurityjobs.tech .

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.