At a Glance
- Tasks: Support risk remediation and audits while collaborating with a dynamic team.
- Company: Join Mitratech, a forward-thinking company focused on compliance and data protection.
- Benefits: Enjoy remote work flexibility, competitive salary, and professional growth opportunities.
- Other info: Dynamic role with opportunities for onsite client visits and diverse project involvement.
- Why this job: Make a real impact in data protection and risk management while learning from experienced consultants.
- Qualifications: 1-2 years in compliance or information security; interest in GRC and risk management.
The predicted salary is between 30000 - 40000 £ per year.
The Mitratech GRC Risk Consultant will be working as part of a small but dynamic and multi-skilled team delivering client-facing professional services across a range of service deliverables.
For the GRC Risk Consultant, this will revolve around supporting risk remediation, audit, and risk advisory activities under the guidance of senior consultants. There will be requirements to support other business functions and the wider team in the delivery of Prevalent services. Whilst the role is 80% home-based remote working, there will be requirements to conduct onsite visits with clients and attend the Mitratech offices.
Key Responsibilities- Supporting the delivery of data protection compliance services in line with the regulatory obligations of our clients
- Assisting senior consultants in conducting risk reviews and contributing to formal report outputs
- Helping clients to develop and track remediation programs
- Supporting remote and onsite audits and control validation activities
- Assisting with vendor assessments for compliance with privacy obligations
- Reviewing client data privacy and protection policies under the direction of senior team members
- Keeping up to date with developments in data protection law and information security best practice
- Supporting stakeholder engagement and ensuring information security and data privacy remains a priority for each client
- Maintaining accurate and up-to-date project and engagement documentation
- 1–2+ years of experience in compliance, information security, data protection, or a related field
- Some exposure to client‑facing services, either through employment or placement, is desirable
- Experience or academic study in relevant subjects such as Cyber Security, Information Security, Law, or a related discipline
- An interest in GRC, data protection, and risk management
- Foundational awareness of information security and data protection standards such as ISO 27001, Cyber Essentials, GDPR, or NIST is desirable
- Awareness of or interest in relevant certifications such as CISMP, CompTIA Security+, or equivalent
- An analytical mindset with an interest in problem solving and understanding complex risk scenarios
- Strong written and verbal communication skills in English
- Natural ability to learn and adapt to new technologies and SaaS tools
- Ability to manage tasks and meet deadlines in a structured and organised manner
- Proactive, self‑driven, and keen to develop professionally
- Able to work both independently and collaboratively as part of a team
- To undertake any other duties as reasonably required
- To work with other departments and colleagues to aid the successful completion of business priorities
- To pull on suitable experience to handle multiple deadlines simultaneously
- To showcase excellent organisational skills
- To think on your feet and use your initiative
- To be fluent in written and verbal English
- To maintain an enthusiastic and positive attitude
- To maintain strong interpersonal skills required to build relationships
- To have a personable disposition
- Strong communication and presentation skills
We are an equal‑opportunity employer that values diversity at all levels. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity, disability, or veteran status.