Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Support cyber resilience initiatives and ensure compliance with evolving UK cyber security standards.
- Company: Major Operator of Essential Services focused on enhancing cyber security.
- Benefits: Hybrid working, competitive pay, and the chance to make a real impact.
- Why this job: Join a vital role in strengthening cyber security for essential services.
- Qualifications: Experience in cyber security programmes and knowledge of NIS Regulations required.
- Other info: Opportunity for career growth in a dynamic regulatory environment.
The predicted salary is between 60000 - 75000 £ per year.
Cyber Security Governance, Risk & Compliance Analyst (12-Month Contract) (Outside IR35)
Hybrid – London (1-2 trips per week max)
We are seeking an experienced Cyber Security Governance, Risk & Compliance Analyst to join a major Operator of Essential Services (OES) on an initial 12-month contract. This role plays a key part in strengthening cyber resilience, supporting regulatory compliance activities, and ensuring alignment with the UK’s evolving cyber security standards.
About the Role
- Coordinating and delivering the Annual NIS Self-Assessment and Improvement Report
- Ensuring compliance with NIS Regulations, Ofgem expectations, and the Enhanced Cyber Assessment Framework (ECAF)
- Enhancing and maturing the organisation’s Incident Response Framework
- Designing and delivering scenario-based incident response exercises for senior leadership
- Conducting comprehensive reviews of the Cyber Risk Register
- Supporting assurance activities across NIS, Ofgem, EU and UK regulatory requirements, and the Cyber Security Resilience Bill
- Contributing to planning, coordination, and reporting across the Cyber Security Roadmap
- Providing project and programme management support, including supplier management, RAID tracking and delivery governance
- Supporting ongoing maintenance of the ISMS, including policies, procedures, governance, and assurance tasks
About You
- Strong experience delivering or supporting cyber security programmes, ideally in a regulated sector
- Knowledge of NIS Regulations, CAF, and Ofgem cyber security expectations
- Experience delivering incident response exercises and associated documentation
- A solid understanding of cyber risk management and threat assessment
- Strong communication and stakeholder engagement skills
- The ability to manage multiple workstreams concurrently
- Experience with UK/EU ISMS frameworks (ISO 27001 or similar) is highly beneficial
- A background in sectors such as utilities, energy, transport, or other regulated environments is advantageous
Working Pattern
Hybrid role based in London (1/2 trips per week). Occasional travel expected (Belgium and Norfolk).
Why This Contract
This is an opportunity to have a direct impact on strengthening cyber security resilience within an essential services environment. You will play a central role in regulatory compliance, organisational readiness, and the uplift of key governance and risk processes. If you have strong GRC experience in regulated environments and are looking for a contract where you can make a tangible impact, we would welcome your application.
Senior GRC Analyst in City of London employer: InfoSec People Ltd
Contact Detail:
InfoSec People Ltd Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior GRC Analyst in City of London
✨Tip Number 1
Network like a pro! Reach out to folks in the cyber security field, especially those who work in regulated sectors. Attend industry events or webinars to make connections and learn about potential job openings.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of NIS Regulations and Ofgem expectations. Be ready to discuss how your experience aligns with the role's requirements, especially around incident response exercises and cyber risk management.
✨Tip Number 3
Showcase your communication skills! During interviews, highlight your ability to engage stakeholders and manage multiple workstreams. Use examples from your past experiences to demonstrate how you’ve successfully navigated complex projects.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search.
We think you need these skills to ace Senior GRC Analyst in City of London
Some tips for your application 🫡
Tailor Your CV: Make sure your CV speaks directly to the role of Senior GRC Analyst. Highlight your experience with cyber security programmes and any relevant regulations like NIS and Ofgem. We want to see how your background aligns with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber resilience and how your skills can help us strengthen our compliance efforts. Keep it concise but impactful – we love a good story!
Showcase Relevant Experience: When detailing your past roles, focus on specific projects or initiatives that relate to the responsibilities listed in the job description. We’re keen to see your experience with incident response exercises and risk management, so don’t hold back!
Apply Through Our Website: We encourage you to submit your application through our website. It’s the best way for us to keep track of your application and ensure it gets the attention it deserves. Plus, it’s super easy – just a few clicks and you’re done!
How to prepare for a job interview at InfoSec People Ltd
✨Know Your Regulations
Make sure you brush up on NIS Regulations, Ofgem expectations, and the Enhanced Cyber Assessment Framework. Being able to discuss these in detail will show that you’re not just familiar with the terms but understand their implications in a real-world context.
✨Showcase Your Incident Response Skills
Prepare to talk about your experience with incident response exercises. Have specific examples ready where you designed or delivered these exercises, and be ready to discuss the outcomes and lessons learned. This will demonstrate your hands-on experience and strategic thinking.
✨Highlight Your Stakeholder Engagement
Communication is key in this role. Think of examples where you successfully engaged with stakeholders, managed expectations, or navigated complex discussions. This will help illustrate your ability to manage relationships effectively, which is crucial for a Senior GRC Analyst.
✨Demonstrate Project Management Acumen
Be prepared to discuss how you've managed multiple workstreams in the past. Highlight your experience with project management tools and techniques, especially in a regulated environment. This will show that you can handle the complexities of the role and deliver results efficiently.