At a Glance
- Tasks: Support information security governance, risk management, and compliance initiatives across diverse businesses.
- Company: Purpose-driven organisation focused on technology, education, and innovation.
- Benefits: Competitive salary, generous leave, bonus potential, and excellent learning opportunities.
- Other info: Join a growing team with a strong social purpose and commitment to professional development.
- Why this job: Make a real impact in a collaborative culture while developing your career in information security.
- Qualifications: Degree in IT or Cyber Security and experience in GRC environments.
The predicted salary is between £40,000 and £42,500 per year.
Are you passionate about information security, governance, risk, and compliance? Do you enjoy helping organisations strengthen their security posture while ensuring regulatory and industry compliance?
An exciting opportunity has arisen for an Information Security GRC Analyst to join a growing and purpose-driven organisation where technology, education, and innovation come together to make a meaningful impact. This role offers the chance to work across a diverse group of businesses, supporting information security governance, risk management, compliance initiatives, and certification programmes. Working closely with the Information Security Manager, you will play a key role in shaping and enhancing the organisation's security framework while helping to drive a culture of security awareness and best practice.
Key responsibilities include:
- Conducting information security risk assessments and ensuring alignment with security policies and industry best practice
- Supporting the maintenance and development of the corporate information security risk register
- Producing security reports, dashboards, and risk summaries for senior stakeholders
- Supporting the implementation and ongoing management of ISO 27001 across the wider organisation
- Working with stakeholders to identify, manage, and mitigate security risks
- Conducting third-party supplier and vendor risk assessments
- Developing, reviewing, and maintaining information security policies and procedures
- Monitoring compliance with regulatory, contractual, and industry requirements
- Supporting internal and external security audits and ensuring remediation actions are completed effectively
- Delivering and maintaining security awareness training programmes for employees
- Assisting with certification initiatives including ISO 27001 and Cyber Essentials Plus
- Supporting investigations, technical reviews, and security improvement initiatives alongside technical teams
The successful candidate will possess:
- A degree in Information Technology, Computer Science, Cyber Security, or a related discipline
- Strong experience within Information Security, Governance, Risk, and Compliance (GRC) environments
- Proven experience implementing and maintaining ISO 27001 frameworks
- Experience conducting risk assessments and translating technical risks into meaningful business impact
- Strong understanding of risk management methodologies, compliance frameworks, and security governance principles
- Excellent stakeholder management and communication skills
- Strong analytical and problem-solving abilities
Professional certifications such as ISO 27001 Lead Implementor, ISO 27001 Internal Auditor, CRISC, CGRC, or CGEIT are highly desirable.
This role would particularly suit someone looking to further develop their career within information security governance while gaining exposure to a broad range of security, risk, compliance, and business continuity initiatives.
Why join?
You'll be joining an organisation with a strong social purpose, a collaborative culture, and a genuine commitment to professional development. In return, you'll benefit from excellent learning opportunities, a comprehensive benefits package, generous annual leave, bonus potential, and the opportunity to make a real impact within a growing technology and education environment.
Location: Greenford, West London
Contract: Permanent
Working Hours: 40 Hours Per Week
Salary: £40,000 – £42,500
Please note that sponsorship is not available for this position. Please apply directly via LinkedIn.
Information Security GRC Analyst in London employer: Office Collective
Join a purpose-driven organisation in Greenford, West London, where your passion for information security can thrive. With a strong commitment to professional development and a collaborative culture, you'll enjoy excellent learning opportunities, a comprehensive benefits package, and the chance to make a meaningful impact in the technology and education sectors.
StudySmarter Expert Advice🤫
We think this is how you could land the Information Security GRC Analyst role in London
✨Network Like a Pro
Get out there and connect with folks in the information security field! Attend industry events, webinars, or local meetups. The more people you know, the better your chances of landing that GRC Analyst role.
✨Show Off Your Skills
When you get the chance to chat with potential employers, make sure to highlight your experience with ISO 27001 and risk assessments. Share specific examples of how you've helped organisations improve their security posture – it’ll make you stand out!
✨Tailor Your Approach
Before any interview, do your homework on the company’s security policies and recent initiatives. Tailor your responses to show how your skills align with their needs. This shows you’re genuinely interested and ready to contribute.
✨Apply Through Our Website
Don’t forget to apply directly through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about joining our mission.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV speaks directly to the role of Information Security GRC Analyst. Highlight your experience with risk assessments, compliance frameworks, and any relevant certifications. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how you can contribute to our mission. Be genuine and let your personality come through – we love seeing the real you!
Showcase Relevant Experience: When detailing your work history, focus on experiences that relate to governance, risk, and compliance. If you've worked on ISO 27001 or similar projects, make sure to highlight those achievements. We’re keen to see how you’ve made an impact in previous roles!
Apply Through Our Website: We encourage you to apply directly through our website for the best chance of getting noticed. It helps us keep track of applications and ensures you’re considered for the role. Plus, it’s super easy – just follow the prompts!
How to prepare for a job interview at Office Collective
✨Know Your Stuff
Make sure you brush up on your knowledge of information security, governance, risk, and compliance. Familiarise yourself with ISO 27001 and be ready to discuss how you've implemented or maintained it in past roles. This will show that you're not just a candidate, but someone who truly understands the field.
✨Showcase Your Experience
Prepare specific examples from your previous work where you've conducted risk assessments or managed compliance initiatives. Use the STAR method (Situation, Task, Action, Result) to structure your answers. This will help you articulate your experience clearly and demonstrate your problem-solving skills.
✨Engage with Stakeholders
Since stakeholder management is key in this role, think about how you've successfully communicated with different teams in the past. Be ready to share examples of how you've built relationships and influenced others to adopt security best practices. This will highlight your communication skills and collaborative approach.
✨Ask Smart Questions
At the end of the interview, don’t forget to ask insightful questions about the company’s security culture or upcoming projects. This shows your genuine interest in the role and helps you assess if the company aligns with your career goals. Plus, it gives you a chance to engage further with the interviewers.