At a Glance
- Tasks: Track and manage information security compliance and audit findings across multiple jurisdictions.
- Company: Join a leading insurance group with a focus on information security.
- Benefits: Competitive salary, career growth opportunities, and exposure to international regulatory frameworks.
- Other info: Great opportunity for career development in a supportive team.
- Why this job: Make a real impact by ensuring compliance and security in a dynamic environment.
- Qualifications: Experience in Information Security GRC or IT audit; strong organisational skills required.
The predicted salary is between £45,000 and £55,000 per year.
The Information Security Governance Risk and Compliance Analyst sits within the corporate Information Security team, which is led by the Information Security Officer and operates within the COO organisation. The team is independent of the compliance, risk, and IT functions. This role reports to the Head of Information Security Governance Risk and Compliance and exists to keep information security audit findings, compliance deliverables, and regulatory commitments moving forward - tracking open items, chasing action owners, and making sure the information security function meets its obligations across audit and compliance workstreams.
The role will work across ISO 27001 audits, penetration tests, and tabletop exercises - making sure findings have owners, owners have deadlines, and deadlines are met. On the compliance side, it will coordinate information security's inputs to Lloyd's Principles Based Oversight (PBO), DORA, GDPR, and regulatory engagements with international supervisors including the Monetary Authority of Singapore, Central Bank of Ireland, and Dubai Financial Services Authority.
This is a mid-level role with room to grow. A successful candidate does not need to have done everything on this list before, but does need to be organised, persistent, and comfortable holding people to account.
Key Responsibilities
- Track and drive remediation of all information security-related findings from internal audits, ISO 27001 audits, penetration tests, and tabletop exercises. Maintain accurate registers, hold action owners to deadlines, and escalate slippage.
- Act as the primary information security point of contact for the compliance function across Lloyd's PBO (particularly cyber resilience within the operational resilience pillar), DORA, and GDPR.
- Coordinate information security evidence and inputs for regulatory engagements across multiple jurisdictions, including MAS, CBI, and DFSA.
- Chase and track all information security compliance deliverables, making sure requests from regulators, compliance, and audit are answered accurately and on time.
- Prepare progress updates on open findings, compliance deliverables, and regulatory action items for stakeholders.
- Support the Head of Information Security Governance Risk and Compliance with GRC tooling, tracking, and reporting - producing metrics that give clear visibility of where things stand.
- Build solid working relationships with action owners, compliance, risk, and audit so that chasing things down does not become adversarial.
- Experience in Information Security GRC, IT audit, IT risk, or compliance coordination - ideally in insurance, reinsurance, or the Lloyd's market.
- Familiarity with ISO 27001 and how audit finding remediation works in practice.
- Working knowledge of regulatory regimes relevant to the London market such as Lloyd's PBO and DORA. Experience with international financial regulators is a plus.
- Strong organisational skills - able to track a high volume of open items, deadlines, and dependencies across multiple workstreams without losing grip.
- Clear communicator, written and verbal. Able to produce concise status updates and engage constructively with people at all levels.
- Comfortable working across teams - information security, compliance, audit, and business stakeholders all need to see the role holder as someone who makes their life easier, not harder.
- Experience with GRC platforms or tracking tools and the ability to pull useful reporting from them is a plus.
Audit findings and regulatory commitments do not close themselves. Without someone actively tracking and chasing, items age, deadlines slip, and risk accumulates without anyone noticing until it becomes a problem. This role stops that from happening. In a Lloyd's market business with regulatory obligations spanning multiple jurisdictions, having someone who owns the tracking and coordination of Information Security GRC activity is not optional.
This is also a strong development role. The successful candidate will get direct exposure to ISO 27001 certification, Lloyd's PBO, DORA, international regulatory engagement, and the full audit lifecycle - with the Head of Information Security Governance Risk and Compliance providing direction and support. It is a good role for someone who wants to build a career in this space and is willing to put the work in.
Information Security GRC Analyst - Chaucer Group in London
Employer: Chaucer Group
At Chaucer Group, we pride ourselves on fostering a dynamic work environment that encourages professional growth and collaboration. As an Information Security GRC Analyst, you will be part of a dedicated team that values accountability and innovation, while also providing opportunities for career advancement in the ever-evolving field of information security. Our commitment to employee development, coupled with our strategic location in the heart of London, makes us an exceptional employer for those seeking meaningful and rewarding careers.
StudySmarter Expert Advice🤫
We think this is how you could land Information Security GRC Analyst - Chaucer Group in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, especially those already working at Chaucer Group or similar companies. A friendly chat can open doors and give you insights that might just land you an interview.
✨Tip Number 2
Prepare for the interview by brushing up on ISO 27001 and compliance regulations. We want you to be the go-to person for all things GRC, so show off your knowledge and how you can contribute to the team!
✨Tip Number 3
Practice your communication skills! Being clear and concise is key, especially when discussing complex topics like audit findings and regulatory commitments. We need someone who can make these discussions easy for everyone involved.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re serious about joining our team at Chaucer Group.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the skills and experiences that match the Information Security GRC Analyst role. Highlight any relevant experience in information security, compliance, or audit work to show us you’re a great fit!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your background aligns with our needs. Don’t forget to mention your organisational skills and ability to hold people accountable.
Showcase Your Communication Skills: Since clear communication is key in this role, make sure your application showcases your written communication skills. Keep it concise and professional, but let your personality shine through so we can see how you’d fit into our team!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates during the process!
How to prepare for a job interview at Chaucer Group
✨Know Your GRC Basics
Make sure you brush up on your knowledge of Information Security Governance, Risk, and Compliance. Familiarise yourself with ISO 27001 and the regulatory frameworks mentioned in the job description, like Lloyd's PBO and DORA. This will show that you're not just interested in the role but also understand the landscape you'll be working in.
✨Demonstrate Organisational Skills
Since this role requires strong organisational skills, prepare examples from your past experiences where you've successfully tracked multiple deadlines or managed various projects simultaneously. Be ready to discuss how you prioritised tasks and ensured nothing slipped through the cracks.
✨Communicate Clearly
Practice articulating your thoughts clearly and concisely. You’ll need to produce status updates and engage with stakeholders at all levels, so being able to communicate effectively is key. Consider doing mock interviews with a friend to refine your delivery.
✨Build Relationships
Think about how you can demonstrate your ability to build solid working relationships across teams. Prepare anecdotes that showcase your collaborative spirit and how you've made processes easier for others in previous roles. This will highlight your fit for a role that requires coordination across various functions.