Jobs

Senior Governance, Risk, and Compliance (GRC) Analyst


Job details
  • London
  • 1 week ago

Job Title: Senior Governance, Risk, and Compliance (GRC) Analyst

Location: London (Remote) once a month in office for meetings

Salary: £75,000 to £90,000 Depending on experience

Employment Type: Full-Time

Function description:

Support the delivery of the Third-Party Risk / Vendor Management process including managing assessments and tooling.
Play a key role in supporting the Cyber Intelligence, Threat Detection, Crisis Preparedness and Response, Penetration Testing and Vulnerability Management efforts at the OSB.
Support operational workflows by performing risk-based security reviews of operational systems, applications and third-party integrations.
Engage with Technology colleagues and relevant partners to realise the full potential of the OSB's Security Operations capabilities.
Leverage a mix of technologies (detection and prevention), processes and human capital to ensure emerging, new, and existing cyber security threats to the organisation are managed appropriately.

Role Description:

Responsibilities will include:

Monitor external intelligence sources to research and evaluate emerging cyber security and technology developments, threats and vulnerabilities of relevance to the OSB, and determine how to manage them adequately and effectively.
Plan for disaster recovery and create response and contingency plans in the event of security incidents.
Test and evaluate security solutions and advise on how they can be leveraged to address security challenges.
Coordinate penetration testing and 'ethical hacking efforts for the OSB and ensure the delivery of actionable contextualised reports.
Perform security assessments of applications, systems, and networks, to identify potential weaknesses and ensure adequate defence against exploits of applicable vulnerabilities.
Monitor identity and access management, including monitoring for abuse of permissions by authorised system users.
Generate customised reports for both technical and non-technical staff and stakeholders on new threats or vulnerabilities driven by analysis, incidents, and adversary engagement.
Maintain an information security risk register and assist with internal and external audits relating to information security.
Assist with the creation, maintenance and delivery of a cyber security awareness programme for colleagues and other stakeholders.
Be an advocate of Information Security both within the Operations function and throughout the rest of the organisation. Provide advice and guidance to staff and other stakeholders on a wide range of security issues.
Partner with the Technology team and the wider organisation to ensure that activities and projects are secure by design and implementation.

Skills, Competencies, Experience:

Wide experience in a cyber security position
MSSP
CRISC, CISM Qualifications or equivalent preferred
Strong technical background in security controls / operations, system, network security and security frameworks such as SOC, NIST, ISO27002, CIS.
Expert understanding of the elements of cyber malware-space. Specifically, key threat actors and their motivations, attack types, routes of attack, services, and tools.
Extensive experience of Threat Intelligence, Anomaly Detection and Response, Data Leakage Prevention, Intrusion Analysis and SIEM solutions.
Experienced working with, and enabling organisations heavily invested / investing in cloud-based technologies.
Previous relevant experience of working within an international and complex professional services, start-up or highly regulated industry would be an advantage.
Strong analytical and problem-solving skills with ability to balance multiple priorities and meet deadlines, adjust to changing priorities.
Identify and drive opportunities to further enhance the security posture of the OSB.
Experience of working in a Security Operations Centre or partnering with / working for a Managed Security Service Provider would be an advantage.
A hands-on, forward thinker, with a flexible mindset and ability to work in a fast-moving environment that embraces autonomy and is accountable for results.

If you are a forward-thinking cybersecurity professional ready to take on new challenges, we encourage you to apply. Join our client in their mission to enhance security and compliance in a dynamic environment.

Our client is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Adecco is a disability-confident employer. It is important to us that we run an inclusive and accessible recruitment process to support candidates of all backgrounds and all abilities to apply. Adecco is committed to building a supportive environment for you to explore the next steps in your career. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you

Sign up for our newsletter

The latest news, articles, and resources, sent to your inbox weekly.

Similar Jobs

Governance, Risk and Compliance Manager (GRC)

Governance, Risk and Compliance Manager (GRC Manager)About the Role: The GRC Manager is a senior role within the Information Security team, responsible for maintaining and improving governance and risk frameworks for IT Services. You will define risk and governance processes, including how process owners are identified and the activities to...

London

Senior Information Security Consultant (QSA)

We empower organisations and nations to counter digital threats. Our internationally acclaimed team of digital threat experts and thought leaders work at the cutting-edge of threat detection, continually scanning the horizon for next-generation risks. We use technology to support deep human insight, enabling us to build long-range resilience for clients.We...

Protection Group International London

Senior Consultant, PCI QSA - P2PE | Remote UK

Coalfire SystemsCoalfire is an EEO employer. We celebrate diversity and are committed to respecting one another, embracing individual differences, and creating an inclusive environment for all employees.About CoalfireCoalfire is on a mission to make the world a safer place by solving our clients' hardest cybersecurity challenges. We work at the...

Coalfire Systems Manchester

Senior Security Consultant

Who are we looking for?Bridewell has seen extensive growth over the past few years and as such we are looking for ambitious individuals who are passionate about Cyber Security and are keen to continue to develop and grow with us. You are a client facing security professional, with substantial experience...

Bridewell Consulting London

Senior SAP Security & GRC Specialist - HYBRID

Job DescriptionThe PositionThe SAP Security and GRC Specialist is responsible for the administration, configuration, and support of SAP security and GRC (Governance, Risk, and Compliance) Access Control. This role ensures the security of SAP systems, compliance with internal and external regulations, and effective risk management. The specialist will work closely...

Organon London

Senior Network Cybersecurity Engineer (PSC)

Wood Digital Consulting (DC) is recruiting for a Senior Network Engineer with significant experience in Automation and Control Network design and implementation to support our UK projects.This 4 year project forms part of a 5 year client contract with a potential and likely 3 year extension.The role is intended as...

Wood Woking