At a Glance
- Tasks: Conduct risk assessments and support compliance with security frameworks like ISO 27001.
- Company: Join a forward-thinking organisation dedicated to changing lives through education.
- Benefits: Enjoy 33 days annual leave, flexible benefits, and opportunities for professional growth.
- Other info: Diverse workplace committed to equality and inclusion.
- Why this job: Make a real impact in information security while developing your career in a supportive environment.
- Qualifications: Bachelor's degree in IT or related field; ISO 27001 certifications required.
The predicted salary is between 40000 - 42500 £ per year.
Type of Contract: Permanent
Working Pattern: Full-Time - 40 hrs Per Week
Salary Range: £40,000 to £42,500
Department: IT Infrastructure
Location: Greenford (UB6), West London
Our Vision: Changing lives through education.
We're looking for an Information Security GRC professional to join our team! If you have experience in risk, compliance, and frameworks like ISO 27001 or NIST, this is a great opportunity to make an impact across GBS and the GEDU Group. Please note, we are unable to offer sponsorship for this position.
What The Role Involves
- Perform risk assessments in line with security best practice and GBS/GEDU information security policies and procedures.
- Support the Information Security Manager in maintaining the corporate IS risk register and compiling monthly reporting to Senior Management via monthly and ad-hoc dashboards and summaries.
- Support the Information Security Manager to implement ISO 27001 framework for GBS and GEDU Group.
- Work with stakeholders to identify corrective action plans and reduce risks to acceptable levels.
- Continually improve the information security risk assessment process and documentation.
- Carry out third-party risk assessments for GBS and GEDU group.
- Produce, update and review all information security policies, and provide appropriate training where needed.
- Maintain and ensure compliance with all external regulatory requirements.
- Track and report on external and internal information security audit findings to ensure successful closure and completion.
- Maintain and assist in the regular update and provision of security awareness training to all levels of staff.
- Assist in efforts to plan and track progress toward security certifications (e.g., Cyber Essentials Plus).
- Assist with technical analysis and investigations by working collaboratively with technical analysts and the Information Security Manager.
Qualifications
- Bachelor’s degree in information technology, Computer Science, or a related field.
- ISO 27001 Lead Implementor Certification / ISO 27001 Internal Auditor Certification.
- CGEIT/CRISC/CGRC Certification essential.
Essential Skills And Experience
- Proven experience in implementing ISO 27001 compliance and Business Continuity/ITDR is mandatory.
- Experience in working with Governance Risk Compliance (GRC) and GRC reporting.
- More than 5 years of experience in Information Security, Risk and IT.
- Experience in performing impact, likelihood and risk analyses / assessments.
- Ability to ‘translate’ technical security issues into business risk.
Desirable Skills And Experience
- Knowledge of cyber audit and frameworks desirable.
- Ability to form complex communications/messages/policies in a simple, clear and concise manner to various stakeholders and interested parties.
- Analytical mindset and creative problem-solving links.
What We Offer
- Time off that fits your lifestyle – 33 days annual leave (including bank holidays), 1-day extra leave per year of service (up to 5 days) and Buy/Sell additional holidays (up to 5 days).
- Opportunities for growth – tuition reimbursement for career development courses, wide variety of training courses.
- Pension Scheme and Flexible Benefits (via salary sacrifice) – Cycle to Work, Workplace Nursery, Tech, Health, Dental and Life Assurance schemes, Women's Health scheme (via Hertlity), and much more.
- Discounts, Perks and Employee Assistance: Perks@Work discounts platform, Employee Assistance Programme (EAP), discounted gym membership, eyecare vouchers and much more.
- Reward for your impact – annual salary increase reviews, annual discretionary bonus, £500 award, employee referral scheme.
GBS is committed to equality, diversity and inclusion and providing a workplace free from discrimination or harassment. We welcome applications from all backgrounds and communities. We take our core values seriously and work hard to create an environment where everyone feels welcomed.
Information Security GRC Analyst in London employer: GBS
At GBS, we pride ourselves on being an exceptional employer, offering a supportive work culture that prioritises employee growth and development. Located in Greenford, West London, our team enjoys generous benefits such as 33 days of annual leave, flexible working options, and comprehensive health schemes, all while contributing to our vision of changing lives through education. Join us to make a meaningful impact in the field of Information Security and be part of a diverse and inclusive workplace that values your contributions.
StudySmarter Expert Advice🤫
We think this is how you could land Information Security GRC Analyst in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry on LinkedIn or at local meetups. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by practising common questions related to GRC and ISO 27001. We recommend doing mock interviews with friends or using online platforms to get comfortable with your responses.
✨Tip Number 3
Showcase your skills through real-world examples. When discussing your experience, highlight specific projects where you implemented risk assessments or compliance frameworks. This will make you stand out!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are genuinely interested in joining our team.
We think you need these skills to ace Information Security GRC Analyst in London
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Information Security GRC Analyst role. Highlight your experience with ISO 27001, risk assessments, and compliance frameworks. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how you can contribute to our mission. Keep it concise but impactful – we love a good story!
Showcase Relevant Experience:When filling out your application, be sure to showcase your relevant experience in risk management and GRC reporting. We’re keen to see how you've tackled challenges in the past and what you’ve learned from them.
Apply Through Our Website:Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy – just follow the prompts!
How to prepare for a job interview at GBS
✨Know Your Frameworks
Make sure you brush up on ISO 27001 and NIST frameworks before the interview. Be ready to discuss how you've implemented these in past roles, as this will show your practical experience and understanding of compliance.
✨Prepare for Risk Assessments
Since the role involves performing risk assessments, think of specific examples where you've identified risks and implemented corrective actions. Practising how to articulate these experiences can really set you apart.
✨Show Your Analytical Skills
Be prepared to demonstrate your analytical mindset. You might be asked to solve a hypothetical security issue during the interview, so practice explaining your thought process clearly and concisely.
✨Communicate Clearly
The ability to translate technical jargon into simple terms is crucial. Prepare to explain complex security concepts in a way that non-technical stakeholders can understand, showcasing your communication skills.
