Senior Governance, Risk, and Compliance (GRC) Analyst

London
1 month ago
Applications closed

Related Jobs

View all jobs

Senior Governance Risk & Compliance Specialist

Senior Cyber Governance Analyst

Cybersecurity Architect / Security Architect

Security Engineer - Governance, Risk and Compliance (GRC), London New London

Senior Data Protection Manager - 6 month FTC

Microsoft Entra and Purview Engineer/ Architect

Job Title: Senior Governance, Risk, and Compliance (GRC) Analyst

Location: London (Remote) once a month in office for meetings

Salary: £75,000 to £90,000 Depending on experience

Employment Type: Full-Time

Function description:

Support the delivery of the Third-Party Risk / Vendor Management process including managing assessments and tooling.
Play a key role in supporting the Cyber Intelligence, Threat Detection, Crisis Preparedness and Response, Penetration Testing and Vulnerability Management efforts at the OSB.
Support operational workflows by performing risk-based security reviews of operational systems, applications and third-party integrations.
Engage with Technology colleagues and relevant partners to realise the full potential of the OSB's Security Operations capabilities.
Leverage a mix of technologies (detection and prevention), processes and human capital to ensure emerging, new, and existing cyber security threats to the organisation are managed appropriately.

Role Description:

Responsibilities will include:

Monitor external intelligence sources to research and evaluate emerging cyber security and technology developments, threats and vulnerabilities of relevance to the OSB, and determine how to manage them adequately and effectively.
Plan for disaster recovery and create response and contingency plans in the event of security incidents.
Test and evaluate security solutions and advise on how they can be leveraged to address security challenges.
Coordinate penetration testing and 'ethical hacking efforts for the OSB and ensure the delivery of actionable contextualised reports.
Perform security assessments of applications, systems, and networks, to identify potential weaknesses and ensure adequate defence against exploits of applicable vulnerabilities.
Monitor identity and access management, including monitoring for abuse of permissions by authorised system users.
Generate customised reports for both technical and non-technical staff and stakeholders on new threats or vulnerabilities driven by analysis, incidents, and adversary engagement.
Maintain an information security risk register and assist with internal and external audits relating to information security.
Assist with the creation, maintenance and delivery of a cyber security awareness programme for colleagues and other stakeholders.
Be an advocate of Information Security both within the Operations function and throughout the rest of the organisation. Provide advice and guidance to staff and other stakeholders on a wide range of security issues.
Partner with the Technology team and the wider organisation to ensure that activities and projects are secure by design and implementation.

Skills, Competencies, Experience:

Wide experience in a cyber security position
MSSP
CRISC, CISM Qualifications or equivalent preferred
Strong technical background in security controls / operations, system, network security and security frameworks such as SOC, NIST, ISO27002, CIS.
Expert understanding of the elements of cyber malware-space. Specifically, key threat actors and their motivations, attack types, routes of attack, services, and tools.
Extensive experience of Threat Intelligence, Anomaly Detection and Response, Data Leakage Prevention, Intrusion Analysis and SIEM solutions.
Experienced working with, and enabling organisations heavily invested / investing in cloud-based technologies.
Previous relevant experience of working within an international and complex professional services, start-up or highly regulated industry would be an advantage.
Strong analytical and problem-solving skills with ability to balance multiple priorities and meet deadlines, adjust to changing priorities.
Identify and drive opportunities to further enhance the security posture of the OSB.
Experience of working in a Security Operations Centre or partnering with / working for a Managed Security Service Provider would be an advantage.
A hands-on, forward thinker, with a flexible mindset and ability to work in a fast-moving environment that embraces autonomy and is accountable for results.

If you are a forward-thinking cybersecurity professional ready to take on new challenges, we encourage you to apply. Join our client in their mission to enhance security and compliance in a dynamic environment.

Our client is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Adecco is a disability-confident employer. It is important to us that we run an inclusive and accessible recruitment process to support candidates of all backgrounds and all abilities to apply. Adecco is committed to building a supportive environment for you to explore the next steps in your career. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Careers Jobs

10 Must-Read Cyber Security Books for UK Professionals: Boost Your Career and Stay Ahead of Threats

With rapid advancements in digital infrastructure, cloud computing, and the Internet of Things (IoT), cyber threats continue to evolve at lightning speed. For organisations across the UK—and globally—robust cyber security is no longer optional: It’s a strategic imperative. From healthcare and finance to government agencies and tech start-ups, every sector needs skilled professionals to safeguard critical data and protect users. If you’re looking to break into or advance within the cyber security industry, staying updated on the latest techniques, threat landscapes, and defence strategies is paramount. One of the best ways to build and sharpen your expertise is by reading authoritative, high-quality books that combine foundational knowledge with cutting-edge insights. In this guide, we’ve compiled a list of ten books that cater to various skill levels, spanning ethical hacking and threat intelligence to secure software development and cryptography. By diving into these resources, you’ll fortify your understanding of cyber security fundamentals, explore hands-on techniques for defending systems, and gain the strategic perspective needed to excel in roles throughout the UK’s thriving cyber security landscape.

Careers

Navigating Cybersecurity Career Fairs Like a Pro: Preparing Your Pitch, Questions to Ask, and Follow-Up Strategies to Stand Out

In a world where digital threats are escalating and online infrastructure underpins nearly every aspect of our personal and professional lives, cybersecurity has swiftly become one of the most sought-after career fields. Demand for skilled cybersecurity professionals outstrips supply, both in the UK and globally. From ethical hackers and penetration testers to governance, risk, and compliance (GRC) specialists, the opportunities are extensive—and lucrative. Amidst this surge in demand, cybersecurity career fairs provide an invaluable chance to meet potential employers face-to-face, gain industry insights, and make connections that can accelerate your career trajectory. Unlike applying to countless jobs online, these events bring companies, security leaders, and aspiring candidates together under one roof. When approached with the right strategy, a single conversation at a cybersecurity fair can open the door to your dream job. In this comprehensive guide, we’ll explore how to prepare thoroughly, engage confidently, and follow up effectively after a cybersecurity career fair. By incorporating these insights into your approach, you’ll stand out from the crowd and maximise your chances of securing the perfect role in this fast-growing field.

Jobs

Common Pitfalls Cyber Security Job Seekers Face and How to Avoid Them

The cyber security industry in the UK and worldwide is experiencing rapid growth. With cyber attacks growing in sophistication and frequency, organisations are investing more resources than ever into defending their digital assets. From penetration testers and threat analysts to security architects and compliance officers, cyber security professionals are in high demand across a variety of sectors—including finance, healthcare, government, and retail. Yet, in spite of this high demand, the process of landing a cyber security role can be more challenging than many candidates anticipate. The stakes are high: prospective employers entrust cyber professionals with their most sensitive data, their compliance posture, and often their core business operations. Therefore, they’re looking for candidates who can demonstrate not just technical know-how, but also excellent communication, adaptability, and an awareness of the broader business context. In this article, we’ll explore the most common pitfalls that cyber security job seekers face, especially in the UK market, and how to avoid them. Whether you’re a recent graduate, a professional transitioning from a different field, or an experienced practitioner aiming for a senior role, these insights will help you stand out and secure the opportunities that fit your skill set and career goals.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.