Senior GRC Analyst

This job is brought to you by Jobs/Redefined, the UK\’s leading over-50s age inclusive jobs board.

As a GRC Analyst, you will support the Governance, Risk, and Compliance (GRC) team in protecting user data, company infrastructure, and operations by implementing, monitoring, and improving security controls. You will work closely with cross-functional teams to ensure compliance with regulatory standards and frameworks such as PCI-DSS, ISO27001, SOX, and NIST. Your focus will be on assessing and validating controls, providing data-driven insights, and supporting automation initiatives within the GRC program.

This role offers an exciting opportunity to contribute to an innovative and engineering-led GRC program while developing your skills in governance, risk management, and compliance.

What you\’ll do

1. Support the design, implementation, and monitoring of policies, procedures, and controls for compliance and regulatory activities.
2. Assist in the creation of reports, metrics, and dashboards to measure the effectiveness of security controls and communicate insights to stakeholders.
3. Conduct control validation and risk assessments to ensure alignment with frameworks like PCI-DSS, ISO27001, SOX, and NIST.
4. Collaborate with internal teams to address control deficiencies, manage audits, and ensure remediation plans are executed effectively.
5. Contribute to the automation of GRC processes, integrating with systems across security and privacy teams to improve efficiency and accuracy.
6. Track and monitor GRC KPIs to support continuous improvement and provide actionable insights.
7. Assist in preparing and supporting compliance assessments and audits, ensuring engagement with stakeholders is seamless and empathetic.

Required skills and experience

1. Strong understanding of security standards and control frameworks, including PCI-DSS, ISO27001, SOX, and NIST.
2. Experience in supporting the implementation and automation of GRC processes.
3. Ability to collect, analyze, and report on security performance metrics with accuracy and accountability.
4. Strong interpersonal and communication skills to engage with stakeholders, convey complex concepts simply, and provide empathetic feedback during audits or assessments.
5. Analytical mindset with the ability to identify risks, assess control effectiveness, and recommend improvements.
6. A self-motivated learner with a passion for governance, risk management, and compliance.
7. Familiarity with tools and technologies that support GRC automation is a plus.

About you

1. Strong alignment with company values: Growth, Kindness, Equity, Accountability, and Honesty.
2. Enthusiastic about innovation in GRC practices and frameworks.
3. Skilled at simplifying complex information and presenting it in a clear, actionable way.
4. Open to learning and solving challenges with creativity and urgency.
5. Demonstrates humility, transparency, and accountability in decision-making.
6. This role is ideal for individuals looking to grow their expertise in GRC while contributing to a cutting-edge and collaborative security team.

#J-18808-Ljbffr