At a Glance
- Tasks: Lead the creation of incident response playbooks and document security processes.
- Company: Join a dynamic financial services organisation focused on enhancing security operations.
- Benefits: Enjoy remote work flexibility with occasional travel to London for workshops.
- Why this job: Make a real impact by strengthening security documentation in a fast-paced environment.
- Qualifications: Experience in GRC, incident response playbooks, and policy reviews is essential.
- Other info: This is a 4-month contract offering £480/day.
GRC Analyst – Cybersecurity Consultancy
📍 Location: Somerset (Hybrid – occasional travel to client sites or HQ)
💰 Salary: £45,000 – £50,000 + Benefits
🔒 Clearance: Must hold or be eligible for DV clearance
Overview
We’re representing a highly accredited UK cybersecurity consultancy that is seeking a GRC Analyst to join its growing governance, risk, and compliance team.
This role offers the opportunity to work across a diverse portfolio of clients, helping to strengthen their security posture, ensure compliance with regulatory and contractual obligations, and contribute to the ongoing development of robust risk and assurance frameworks.
Ideal for someone with experience in GRC, assurance, or information security, this position provides exposure to high-impact projects within a collaborative, forward-thinking environment.
Key Responsibilities
- Governance & Compliance: Support and maintain compliance frameworks, including ISO 27001, CAF, and other relevant standards.
- Risk Management: Identify, assess, and monitor security risks, ensuring effective mitigation and continuous improvement within the ISMS.
- Audit & Assurance: Plan, conduct, and coordinate internal and external audits, tracking findings and follow-up actions to closure.
- Policy & Control Development: Assist in developing, reviewing, and improving security policies, procedures, and control documentation.
- Supplier & Third-Party Risk: Support assurance activities with suppliers, partners, and service providers to maintain a consistent security baseline.
- Information Governance: Contribute to compliance with data protection regulations such as GDPR and the Data Protection Act 2018.
- Awareness & Training: Promote security best practice through awareness initiatives and collaboration with internal and external stakeholders.
- Stakeholder Engagement: Build strong relationships across technical and business functions to support security governance objectives.
Skills & Experience
Essential:
- Experience within GRC, assurance, risk management, or information security.
- Understanding of risk assessment methodologies and compliance frameworks (e.g. ISO 27001, CAF, NIST).
- Strong communication and reporting skills, with the ability to produce clear, concise documentation.
- Excellent organisation and prioritisation skills with attention to detail.
- Confident engaging with stakeholders at all levels of the business.
Desirable:
- Experience with audit management tools or compliance automation platforms.
- Knowledge of GDPR, Data Protection Act 2018, or similar legislation.
- Degree in Cybersecurity, Information Security, or a related field.
- Professional certifications such as CISA, CISM, CISSP, or ISO 27001 Lead Implementer/Auditor.
Benefits
- Competitive salary and comprehensive benefits package.
- Flexible hybrid working arrangements.
- Access to professional development and certification support.
- Inclusive and supportive culture focused on collaboration and innovation.
- Clear opportunities for career growth and progression within a fast-scaling consultancy.
Core Values
This organisation is driven by collaboration, accountability, and innovation. It fosters a culture of continuous improvement and empowers its people to make meaningful contributions to both client success and the company’s mission of delivering security excellence.
GRC Analyst employer: Maxwell Bond
Contact Detail:
Maxwell Bond Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the GRC Analyst role
✨Tip Number 1
Familiarise yourself with the latest trends and best practices in Governance, Risk and Compliance. This will not only help you understand the role better but also allow you to speak confidently about how you can contribute to the team during discussions.
✨Tip Number 2
Network with professionals in the GRC field, especially those who have experience in financial services. Engaging with them on platforms like LinkedIn can provide insights into the industry and may even lead to referrals.
✨Tip Number 3
Prepare to discuss specific examples of your past work related to incident response playbooks and policy reviews. Being able to articulate your hands-on experience will demonstrate your capability and readiness for the role.
✨Tip Number 4
Stay updated on compliance regulations relevant to the financial sector. Showing that you are knowledgeable about current laws and standards will set you apart as a candidate who is proactive and well-informed.
Some tips for your application 🫡
Understand the Role: Before applying, make sure you fully understand the responsibilities of a GRC Analyst. Familiarise yourself with governance, risk, and compliance concepts, as well as the specific tasks mentioned in the job description.
Tailor Your CV: Highlight your relevant experience in governance, risk, and compliance. Focus on your skills in writing incident response playbooks and conducting policy reviews. Use specific examples to demonstrate your expertise in these areas.
Craft a Compelling Cover Letter: Write a cover letter that addresses the key requirements of the role. Explain how your background aligns with the needs of the financial services organisation and express your enthusiasm for contributing to their security operations.
Proofread Your Application: Before submitting, carefully proofread your CV and cover letter. Check for any spelling or grammatical errors, and ensure that your documents are clear and professional. A polished application reflects your attention to detail.
How to prepare for a job interview at Maxwell Bond
✨Showcase Your GRC Knowledge
Make sure to highlight your experience in Governance, Risk and Compliance during the interview. Be prepared to discuss specific projects where you've created incident response playbooks or conducted policy reviews, as this will demonstrate your expertise in the field.
✨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving skills in real-world scenarios. Think of examples where you had to respond to incidents or improve security processes, and be ready to explain your thought process and the outcomes.
✨Familiarise Yourself with the Company’s Security Policies
Research the financial services organisation's existing security policies and procedures. This knowledge will not only help you answer questions more effectively but also show your genuine interest in the role and the company.
✨Demonstrate Strong Communication Skills
As a GRC Analyst, you'll need to communicate complex information clearly. Practice explaining technical concepts in simple terms, as this will be crucial when discussing documentation and processes with non-technical stakeholders.