Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Strengthen global security by developing policies and delivering engaging training.
- Company: Join an award-winning company committed to ethical practices and diversity.
- Benefits: Earn up to £75,000 with bonuses, discounts, and private health insurance.
- Other info: Flexible hybrid work environment with excellent career progression opportunities.
- Why this job: Make a real impact in cybersecurity while advancing your career.
- Qualifications: Experience in GRC tools, strong communication skills, and knowledge of compliance regulations.
The predicted salary is between 54000 - 84000 £ per year.
The Governance, Risk & Compliance (GRC) Analyst will play a key role in strengthening our global security posture by supporting the development and maintenance of information security policies, delivering engaging security training, coordinating phishing simulations, and contributing to enterprise-wide risk management activities. This role is ideal for someone with a strong understanding of cybersecurity best practices and the ability to translate them into practical improvements across systems and business processes. You will help drive complex GRC initiatives from inception to successful delivery, ensuring alignment with relevant compliance frameworks and supporting a culture of continuous security enhancement.
What you can expect as a Governance, Risk & Compliance Analyst:
- Salary of up to £75,000
- Perm Hybrid or able to travel – Flexible
- Competitive salary and a fantastic bonus scheme
- Entitled to loads of great benefits including discount and cash back on hundreds of high-street shops and private health insurance
Key responsibilities include:
- Develop and support information security governance policies, standards, and processes in collaboration with business and technical teams, and align them with business goals
- Prepare and deliver information security training, education, and awareness activities appropriate for target audiences
- Evaluate effectiveness of information security controls and recommend remediation or control re-design guidance where necessary
- Fine tune and drive adoption of an information security risk assessment framework and related processes; maintain Information Security risk registers and perform annual assessments
- Maintain knowledge of FTC Safeguards, PCI DSS, ISO 27001, and NIST CSF and ensure organizational compliance
- Partner with business leaders to gain a deeper understanding of their needs and provide solutions that meet their goals and objectives while aligning with security best practices and policy
- Maintain working knowledge of data privacy laws and regulations
- Mentor junior members of the GRC Team and support their professional development
We are looking for someone with:
- Proficiency in using GRC tools and software to streamline and automate risk and compliance processes (i.e., AuditBoard)
- Skilled in audit management and experience liaising with third party auditors
- Able to work in a complex, global environment, actively and effectively managing relationships with other business units and stakeholders
- Skilled in communicating technical requirements with non-technical stakeholders
- Excellent oral and written communication skills
- Excellent problem solving and analytical skills
- Strong time management skills, including effective responsibility prioritisation
- Strong analytical and problem-solving skills to identify and assess security risks and develop appropriate mitigation strategies
- Familiarity with relevant industry regulations and compliance requirements such as GDPR, CCPA, SOX, etc.
- Familiarity with various cybersecurity frameworks such as NIST Cybersecurity Framework, ISO 27001, CIS Controls, etc.
If this sounds like you and you’d like to join our rapidly expanding company that offers excellent career progression, then apply now.
Working for Cabot: You’ll be working for an award winning; Investors in People Gold accredited organisation. We’re passionate about the ethical treatment of our customers and employees. Our mission is to create pathways to economic freedom. Our vision is to make credit accessible by partnering with our consumers to restore their financial health. Diversity and inclusion are very important to us at Cabot, and we value a multitude of diverse talent within our business. We want everyone to be themselves at work and encourage a culture that includes everyone. Our policies ensure that every candidate and employee are treated fairly and with equal opportunities.
At Cabot we are highly regulated by our clients, as such, any successful candidates will have to undergo a basic credit check and criminal background check. Please note that we are unable to proceed to interview stage if a CCJ, IVA or Bankruptcy appears on a credit file, or if you do not have full right to work in the UK – we are unfortunately unable to offer sponsorship.
Principle GRC Analyst employer: Cabot Financial
Contact Detail:
Cabot Financial Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Principle GRC Analyst
✨Tip Number 1
Network like a pro! Reach out to folks in the GRC field on LinkedIn or at industry events. A friendly chat can lead to opportunities that aren’t even advertised yet.
✨Tip Number 2
Show off your skills! Create a portfolio or a blog where you share insights on cybersecurity best practices and GRC frameworks. This not only showcases your expertise but also demonstrates your passion for the field.
✨Tip Number 3
Prepare for interviews by brushing up on common GRC scenarios and case studies. Practise explaining complex concepts in simple terms, as you'll need to communicate effectively with non-technical stakeholders.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are genuinely interested in joining our team.
We think you need these skills to ace Principle GRC Analyst
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience with GRC tools and cybersecurity best practices. We want to see how your skills align with the role, so don’t hold back on showcasing your relevant achievements!
Show Off Your Communication Skills: Since this role involves liaising with both technical and non-technical stakeholders, it’s crucial to demonstrate your ability to communicate complex ideas clearly. Use examples in your application that illustrate how you've successfully done this in the past.
Highlight Your Problem-Solving Abilities: We’re looking for someone who can identify security risks and develop effective mitigation strategies. Include specific instances where you’ve tackled challenges in previous roles, especially those related to compliance and risk management.
Apply Through Our Website: Don’t forget to submit your application through our website! It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team at Cabot!
How to prepare for a job interview at Cabot Financial
✨Know Your GRC Frameworks
Make sure you brush up on your knowledge of relevant frameworks like NIST, ISO 27001, and PCI DSS. Be ready to discuss how you've applied these in past roles or how you would implement them in this new position.
✨Showcase Your Communication Skills
As a GRC Analyst, you'll need to communicate complex security concepts to non-technical stakeholders. Prepare examples of how you've successfully done this before, and practice explaining technical terms in simple language.
✨Prepare for Scenario-Based Questions
Expect questions that ask how you would handle specific risk management scenarios. Think through potential challenges you might face in the role and be ready to discuss your problem-solving approach and strategies.
✨Demonstrate Your Mentorship Experience
Since mentoring junior team members is part of the role, be prepared to share your experiences in guiding others. Highlight any training sessions you've led or how you've supported colleagues in their professional development.