GRC Analyst – Information Security - FTSE 100 Market Leader (Northampton)

London Temporary 48000 - 72000 £ / year (est.) Home office (partial)

At a Glance

  • Tasks: Conduct risk assessments and manage security incidents to protect vital information.
  • Company: Join a leading FTSE 100 brand known for its commitment to information security.
  • Benefits: Enjoy a hybrid work model with competitive pay of up to £400 per day.
  • Why this job: Be part of a dynamic team shaping cybersecurity practices and making a real impact.
  • Qualifications: Cyber Security qualifications like CISA or CISM are essential; strong communication skills required.
  • Other info: This is a 3-month contract role based in Northampton, with flexible working options.

The predicted salary is between 48000 - 72000 £ per year.

A GRC Analyst with a focus on infosec governance, risk and compliance is required by a market-leading brand. The information security analyst will assist in establishing and monitoring the corporate information security policy, standards, procedures, guidelines, internal controls and business continuity to ensure critical information is protected, in alignment with Cyber Security best practice and data protection regulation.

The focus of this role will be to represent information security, with the ability to interpret technical designs and determine how information security best practices should be applied. The analyst should also be able to lead incident management investigations and conduct risk and vulnerability assessments where appropriate.

Key Accountabilities & Responsibilities
  • Conduct risk and vulnerability assessments to identify and mitigate security risks.
  • Represent information security within projects to ensure best practice is adhered to.
  • Coordinate across departments to ensure risk is managed through comprehensive security measures and policies.
  • Incident response and management – lead and participate in complex incident investigations.
  • Develop and maintain cyber incident response plans and playbooks.
  • Conduct post-incident reviews and implement lessons learnt to improve the organisation’s security posture.

Requirements:
  • Either Technical Operations Security experience with an interest in working within a governance role, or experience working in a Security Governance role.
  • Ability to assess system controls based on a documented standard.
  • Demonstrable ability in problem analysis and resolution.
  • Strong communication skills to be able to influence best practice at all levels of the organisation, with the ability to explain technical problems to non-technical business stakeholders at all levels.
  • Ability to build effective relationships to influence and negotiate business outcomes.
  • Experience of working with and presenting findings to Senior Stakeholders.
  • Hold a recognised Cyber Security qualification (CISA, CISMP, CISM or equivalent).
  • Knowledge of industry-related frameworks such as ISO27001, PCI DSS.

This role is based in Northampton and is a hybrid position with on average 2 days a week on-site. It is an initial 3-month contract, inside IR35, with a rate of up to circa £400 per day.

Contact Detail:

Ventula Consulting Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land GRC Analyst – Information Security - FTSE 100 Market Leader (Northampton)

Tip Number 1

Familiarise yourself with the specific frameworks mentioned in the job description, such as ISO27001 and PCI DSS. Being able to discuss these frameworks confidently during your interview will demonstrate your knowledge and commitment to information security.

Tip Number 2

Prepare examples of past experiences where you've successfully conducted risk and vulnerability assessments. Be ready to explain your approach and the outcomes, as this will showcase your practical skills and problem-solving abilities.

Tip Number 3

Brush up on your incident management skills. Think of scenarios where you led or participated in incident investigations, and be prepared to discuss how you handled them and what you learned from those experiences.

Tip Number 4

Since strong communication skills are crucial for this role, practice explaining complex technical concepts in simple terms. This will help you convey your ideas effectively to non-technical stakeholders during the interview.

We think you need these skills to ace GRC Analyst – Information Security - FTSE 100 Market Leader (Northampton)

Risk Assessment
Vulnerability Assessment
Incident Management
Information Security Governance
Cyber Security Best Practices
Data Protection Regulation Compliance
Technical Problem Analysis
Strong Communication Skills
Stakeholder Engagement
Relationship Building
Negotiation Skills
Cyber Security Qualifications (CISA, CISMP, CISM or equivalent)
Knowledge of ISO27001
Knowledge of PCI DSS

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights relevant experience in information security governance, risk management, and compliance. Use keywords from the job description to demonstrate that you meet the specific requirements of the GRC Analyst role.

Craft a Compelling Cover Letter: Write a cover letter that showcases your understanding of the company's needs and how your skills align with their goals. Mention your experience with incident management and risk assessments, and explain how you can contribute to their information security posture.

Highlight Relevant Qualifications: Clearly list any recognised Cyber Security qualifications you hold, such as CISA, CISMP, or CISM. This will help establish your credibility and show that you have the necessary knowledge to succeed in the role.

Prepare for Technical Questions: Anticipate technical questions related to information security best practices and frameworks like ISO27001 or PCI DSS. Be ready to explain complex concepts in simple terms, as you'll need to communicate effectively with non-technical stakeholders.

How to prepare for a job interview at Ventula Consulting

Understand the Role

Make sure you thoroughly understand the responsibilities of a GRC Analyst in Information Security. Familiarise yourself with key concepts like risk assessments, incident management, and compliance frameworks such as ISO27001 and PCI DSS.

Showcase Your Communication Skills

Since this role requires strong communication skills, be prepared to demonstrate how you can explain complex technical issues to non-technical stakeholders. Use examples from your past experiences where you've successfully communicated security concepts.

Prepare for Scenario-Based Questions

Expect scenario-based questions that assess your problem-solving abilities. Think about past incidents you've managed or risk assessments you've conducted, and be ready to discuss your approach and the outcomes.

Highlight Relevant Qualifications

If you hold any recognised Cyber Security qualifications like CISA, CISMP, or CISM, make sure to mention them during the interview. These credentials can set you apart and demonstrate your commitment to the field.
