Infosec Grc Analyst in England

England Full-Time 36000 - 60000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Engage with IT disciplines, manage third-party risks, and enhance supply chain security.
  • Company: Join Schroders, a global investment manager with over 200 years of innovation.
  • Benefits: Collaborative culture, professional growth, and a commitment to diversity and inclusion.
  • Why this job: Make a real impact in cybersecurity while working with cutting-edge technology.
  • Qualifications: Strong stakeholder engagement and understanding of cyber risk management.
  • Other info: Dynamic team environment with opportunities for personal development.

The predicted salary is between 36000 - 60000 £ per year.

This is an excellent opportunity for someone who enjoys engaging with a broad range of IT disciplines and stakeholders and thrives in a collaborative team environment. As part of the Cyber Governance and Tech Risk team, reporting to the InfoSec GRC Lead, the successful candidate will be responsible for GRC activities, with a particular emphasis on Third Party Risk Management (TPRM) and Exception Management.

Key responsibilities include:

  • Overseeing access management for external staff.
  • Supporting the management of third-party cyber incidents within the supply chain.
  • Enhancing supporting data related to supply chain risk.
  • Managing the Exception Management processes to ensure robust review and effective challenge of approval requests.

  • Work closely with the Global Information Security team to assess the effectiveness of controls, identify gaps, risk rate findings, and support mitigation planning.
  • Support the Third-Party Risk Management (TPRM) framework, including the management of escalations and remediation activities.
  • Run the exception management processes to ensure issues and approvals are appropriately tracked and reviewed.
  • Translate technical cyber risk topics into clear, business-friendly language for non-technical stakeholders.
  • Liaise with the business and key stakeholders to perform assessments and identify risk exposures.
  • Oversee supply chain due diligence, manage findings, and communicate issues to relevant stakeholders for resolution.
  • Ensure that resilience requirements and considerations are appropriately integrated into TPRM activities.
  • Oversee reporting and management information (MI) on risk reduction progress and remediation status.
  • Respond to client security questionnaires, RFIs, RFPs, and audit requests as needed.
  • Document and design workflows to support a range of information security activities.

The knowledge, experience, and qualifications you need:

  • Strong stakeholder engagement skills, enabling effective collaboration across Information Security and Global Technology teams.
  • Sound understanding of risk management, particularly regarding cyber threats and regulatory requirements, with specific knowledge of cyber TPRM and supply chain risk.
  • Demonstrated ability to analyse risks or gaps and manage their remediation through to resolution.
  • Proven track record in managing exception requests and effectively articulating risk to the user community.
  • Familiarity with the NIST Cybersecurity Framework, ISO***** and operational resilience.
  • Willingness to learn and develop governance, risk, and compliance (GRC) skillsets.
  • A continuous improvement mindset that challenges the status quo and seeks personal development.
  • Excellent verbal and written communication skills.
  • An information security qualification (such as CISSP, CISM, or similar) is beneficial but not essential.
  • Experience with AI tools and ServiceNow is an advantage.

We recognise potential, whoever you are. Our purpose is to provide excellent investment performance to clients through active management. Diversity of thought facilitated by an inclusive culture will allow us to make better decisions and better achieve our purpose. This is why inclusion and diversity are a strategic priority for us and why we are an equal opportunities employer: you are welcome here regardless of your age, disability, gender identity, religious beliefs, sexual orientation, socio-economic background, or any other protected characteristics.

Infosec Grc Analyst in England employer: Schroders

At Schroders, we pride ourselves on being an exceptional employer that fosters a collaborative and innovative work culture. Our commitment to employee growth is evident through continuous learning opportunities and a diverse environment that values inclusion. Located in the heart of London, our team thrives on leveraging cutting-edge technology to address complex challenges, making it a rewarding place for those passionate about cybersecurity and risk management.

Contact Detail:

Schroders Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Infosec Grc Analyst in England

✨Tip Number 1

Network like a pro! Reach out to folks in the industry, especially those already at Schroders. A friendly chat can open doors and give you insights that a job description just can't.

✨Tip Number 2

Prepare for interviews by brushing up on your knowledge of GRC and TPRM. Be ready to discuss how you can tackle real-world challenges in cyber risk management. Show them you’re not just a candidate, but a solution!

✨Tip Number 3

Don’t forget to follow up after interviews! A quick thank-you email can keep you top of mind and show your enthusiasm for the role. Plus, it’s a great chance to reiterate why you’re the perfect fit.

✨Tip Number 4

Apply through our website! It’s the best way to ensure your application gets seen. Plus, you’ll be part of our community from the get-go, which is always a bonus!

We think you need these skills to ace Infosec Grc Analyst in England

Stakeholder Engagement
Risk Management
Third Party Risk Management (TPRM)
Exception Management
Cybersecurity Knowledge
NIST Cybersecurity Framework
ISO Standards
Analytical Skills
Communication Skills
Problem-Solving Skills
Continuous Improvement Mindset
ServiceNow Experience
AI Tools Familiarity
Documentation and Workflow Design

Some tips for your application 🫡

Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience with GRC activities, especially in Third Party Risk Management. We want to see how your skills align with what we do at StudySmarter!

Showcase Your Communication Skills: Since the role involves translating technical jargon into business-friendly language, give examples of how you've done this in the past. We love clear communicators who can bridge the gap between tech and non-tech folks!

Highlight Your Stakeholder Engagement: We value collaboration, so share instances where you've effectively engaged with various stakeholders. This will show us that you can thrive in our team environment and work well across different IT disciplines.

Apply Through Our Website: Don’t forget to submit your application through our website! It’s the best way for us to receive your details and get the ball rolling on your journey with StudySmarter.

How to prepare for a job interview at Schroders

✨Know Your GRC Basics

Make sure you brush up on your Governance, Risk, and Compliance (GRC) knowledge, especially around Third Party Risk Management (TPRM). Be ready to discuss how you would assess risks and manage exceptions, as this will show your understanding of the role's core responsibilities.

✨Engage with Stakeholders

Since the role involves liaising with various stakeholders, practice articulating technical cyber risk topics in a way that's easy for non-technical folks to understand. This will demonstrate your strong communication skills and ability to collaborate effectively.

✨Show Your Problem-Solving Skills

Prepare examples from your past experiences where you've identified gaps in risk management and successfully managed remediation processes. Highlighting your analytical skills and continuous improvement mindset will resonate well with the interviewers.

✨Familiarise Yourself with Frameworks

Get comfortable with the NIST Cybersecurity Framework and ISO standards relevant to the role. Being able to reference these frameworks during your interview will show that you're not only knowledgeable but also serious about staying updated in the field.
