At a Glance
- Tasks: Support information security governance, risk management, and compliance initiatives across diverse businesses.
- Company: Purpose-driven organisation focused on technology, education, and innovation.
- Benefits: Competitive salary, generous leave, bonus potential, and excellent learning opportunities.
- Other info: Join a growing team committed to professional development and social purpose.
- Why this job: Make a real impact in information security while developing your career in a collaborative culture.
- Qualifications: Degree in IT or Cyber Security and experience in GRC environments.
The predicted salary is between £40,000 and £42,500 per year.
Are you passionate about information security, governance, risk, and compliance? Do you enjoy helping organisations strengthen their security posture while ensuring regulatory and industry compliance? An exciting opportunity has arisen for an Information Security GRC Analyst to join a growing and purpose-driven organisation where technology, education, and innovation come together to make a meaningful impact. This role offers the chance to work across a diverse group of businesses, supporting information security governance, risk management, compliance initiatives, and certification programmes. Working closely with the Information Security Manager, you will play a key role in shaping and enhancing the organisation's security framework while helping to drive a culture of security awareness and best practice.
Key responsibilities include:
- Conducting information security risk assessments and ensuring alignment with security policies and industry best practice
- Supporting the maintenance and development of the corporate information security risk register
- Producing security reports, dashboards, and risk summaries for senior stakeholders
- Supporting the implementation and ongoing management of ISO 27001 across the wider organisation
- Working with stakeholders to identify, manage, and mitigate security risks
- Conducting third-party supplier and vendor risk assessments
- Developing, reviewing, and maintaining information security policies and procedures
- Monitoring compliance with regulatory, contractual, and industry requirements
- Supporting internal and external security audits and ensuring remediation actions are completed effectively
- Delivering and maintaining security awareness training programmes for employees
- Assisting with certification initiatives including ISO 27001 and Cyber Essentials Plus
- Supporting investigations, technical reviews, and security improvement initiatives alongside technical teams
The successful candidate will possess:
- A degree in Information Technology, Computer Science, Cyber Security, or a related discipline
- Strong experience within Information Security, Governance, Risk, and Compliance (GRC) environments
- Proven experience implementing and maintaining ISO 27001 frameworks
- Experience conducting risk assessments and translating technical risks into meaningful business impact
- Strong understanding of risk management methodologies, compliance frameworks, and security governance principles
- Excellent stakeholder management and communication skills
- Strong analytical and problem-solving abilities
Professional certifications such as ISO 27001 Lead Implementor, ISO 27001 Internal Auditor, CRISC, CGRC, or CGEIT are highly desirable. This role would particularly suit someone looking to further develop their career within information security governance while gaining exposure to a broad range of security, risk, compliance, and business continuity initiatives.
Why join?
You'll be joining an organisation with a strong social purpose, a collaborative culture, and a genuine commitment to professional development. In return, you'll benefit from excellent learning opportunities, a comprehensive benefits package, generous annual leave, bonus potential, and the opportunity to make a real impact within a growing technology and education environment.
Location: Greenford, West London
Contract: Permanent
Working Hours: 40 Hours Per Week
Salary: £40,000 – £42,500
Please note that sponsorship is not available for this position. Please apply directly via LinkedIn.
Information Security GRC Analyst employer: Office Collective
Join a purpose-driven organisation in Greenford, West London, where your passion for information security can thrive. With a collaborative culture and a strong commitment to professional development, you'll enjoy excellent learning opportunities, a comprehensive benefits package, and the chance to make a meaningful impact in the technology and education sectors.
StudySmarter Expert Advice 🤫
We think this is how you could land the Information Security GRC Analyst role
✨Tip Number 1
Network like a pro! Reach out to people in the industry, attend events, and connect with professionals on LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Prepare for interviews by researching the company and its security practices. Be ready to discuss how your skills align with their needs, especially around GRC and ISO 27001. Show them you’re not just a fit, but the perfect fit!
✨Tip Number 3
Practice your responses to common interview questions, especially those related to risk management and compliance. Use the STAR method (Situation, Task, Action, Result) to structure your answers and make them impactful.
✨Tip Number 4
Don’t forget to follow up after your interview! A quick thank-you email can leave a lasting impression and shows your enthusiasm for the role. Plus, it keeps you on their radar as they make their decision.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Information Security GRC Analyst role. Highlight your experience in information security, governance, risk, and compliance, and don’t forget to mention any relevant certifications you have!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your skills align with our mission at StudySmarter. Keep it concise but impactful!
Showcase Your Achievements: When detailing your experience, focus on specific achievements that demonstrate your ability to conduct risk assessments or implement ISO 27001 frameworks. Numbers and results speak volumes!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for this exciting opportunity. Don’t miss out!
How to prepare for a job interview at Office Collective
✨Know Your Stuff
Make sure you brush up on your knowledge of information security, governance, risk, and compliance. Familiarise yourself with ISO 27001 and be ready to discuss how you've implemented or maintained it in past roles. This shows you're not just a paper candidate but someone who can bring real value.
✨Showcase Your Experience
Prepare specific examples from your previous work that highlight your experience in conducting risk assessments and managing security policies. Use the STAR method (Situation, Task, Action, Result) to structure your answers, making it easier for interviewers to see your impact.
✨Engage with Stakeholders
Since stakeholder management is key in this role, think about how you've successfully communicated with different teams in the past. Be ready to share stories about how you’ve identified and mitigated risks while working collaboratively with others.
✨Ask Smart Questions
At the end of the interview, don’t forget to ask insightful questions about the company’s current security initiatives or challenges they face. This not only shows your interest but also gives you a chance to demonstrate your knowledge and enthusiasm for the role.