Information Security GRC Analyst in Slough

Slough | Full-Time | £55,000 - £65,000 / year (est.) | No working from home possible
SoTalent

At a Glance

  • Tasks: Conduct risk assessments and support compliance initiatives to enhance security.
  • Company: Leading organisation in Information Security with a focus on governance and compliance.
  • Benefits: Flexible leave, career development, health benefits, and performance rewards.
  • Other info: Great opportunities for growth and continuous improvement in a supportive environment.
  • Why this job: Join a dynamic team to make a real impact on security practices.
  • Qualifications: Bachelor's degree in IT or related field with relevant certifications.

The predicted salary is between £55,000 and £65,000 per year.

Our client is seeking an experienced Information Security Risk & Compliance Analyst to support governance, risk management, and compliance initiatives across the organization. This role is critical in ensuring alignment with security frameworks, regulatory standards, and enterprise risk management practices.

Role Overview

The selected candidate will work closely with the Information Security leadership team to manage risk assessments, support compliance frameworks (such as ISO 27001), and strengthen overall security posture. The role involves cross-functional collaboration, continuous process improvement, and active participation in audits and certification efforts.

Key Responsibilities

  • Conduct risk assessments in line with security best practices and internal policies
  • Support maintenance of the corporate risk register and deliver regular reporting to senior leadership
  • Assist in implementing and maintaining ISO 27001 compliance frameworks
  • Collaborate with stakeholders to define and track corrective action plans
  • Continuously improve risk assessment processes, documentation, and reporting mechanisms
  • Perform third-party/vendor risk assessments
  • Develop, review, and update information security policies and procedures
  • Ensure compliance with external regulatory and internal governance requirements
  • Track audit findings and ensure timely remediation and closure
  • Support delivery of organization-wide security awareness and training initiatives
  • Assist in security certification efforts (e.g., Cyber Essentials Plus)
  • Partner with technical teams to support investigations and analysis of security issues

Required Qualifications

  • Bachelor’s degree in Information Technology, Computer Science, or related field
  • Relevant certifications such as ISO 27001 Lead Implementer or Internal Auditor, along with CGEIT, CRISC, or CGRC

Required Skills & Experience

  • 5+ years of experience in Information Security, Risk, or IT
  • Proven experience implementing ISO 27001 frameworks and Business Continuity / ITDR initiatives
  • Hands-on experience with Governance, Risk, and Compliance (GRC) tools and reporting
  • Strong experience conducting risk assessments, including impact and likelihood analysis
  • Ability to translate technical security risks into clear business insights

Preferred Skills

  • Familiarity with cybersecurity audit practices and frameworks
  • Strong written and verbal communication skills to convey complex topics clearly
  • Analytical mindset with strong problem-solving capabilities

Key Competencies

  • Information Security Governance
  • Risk Assessment & Compliance
  • ISO 27001 Implementation
  • GRC Tools & Reporting
  • Audit & Regulatory Compliance
  • Stakeholder Communication
  • Continuous Improvement

What Our Client Offers

  • Competitive benefits package, including flexible leave policies and additional annual leave benefits
  • Career development opportunities, including training and tuition reimbursement
  • Comprehensive wellbeing and benefits programs (health, dental, life, etc.)
  • Employee discounts and assistance programs
  • Performance-based rewards, bonuses, and recognition programs

Information Security GRC Analyst in Slough employer: SoTalent

Our client is an exceptional employer located in the vibrant London Area, offering a dynamic work culture that prioritises employee growth and development. With a competitive benefits package, including flexible leave policies and comprehensive wellbeing programs, employees are supported both personally and professionally. The organisation fosters a collaborative environment where continuous improvement is encouraged, making it an ideal place for those seeking meaningful and rewarding careers in Information Security.

SoTalent

Contact Details:

SoTalent Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land the Information Security GRC Analyst role in Slough

Tip Number 1

Network like a pro! Reach out to folks in the industry, attend meetups, and connect on LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.

Tip Number 2

Prepare for interviews by researching the company and its security practices. Be ready to discuss how your experience aligns with their needs, especially around ISO 27001 and risk assessments.

Tip Number 3

Showcase your skills through practical examples. When discussing your past roles, highlight specific projects where you improved compliance or conducted risk assessments successfully.

Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search.

We think you need these skills to ace the Information Security GRC Analyst role in Slough

  • Risk Assessment
  • ISO 27001 Implementation
  • Governance, Risk, and Compliance (GRC) Tools
  • Audit & Regulatory Compliance
  • Stakeholder Communication
  • Analytical Mindset
  • Problem-Solving Capabilities

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Information Security GRC Analyst role. Highlight your experience with ISO 27001 and risk assessments, as these are key for us. Use specific examples that showcase your skills and achievements in governance, risk management, and compliance.

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your background aligns with our needs. Be sure to mention any relevant certifications and your experience with GRC tools.

Showcase Your Communication Skills: Since this role involves collaboration with various stakeholders, it's important to demonstrate your strong written communication skills. Make sure your application is clear, concise, and free of jargon, so we can easily understand your qualifications.

Apply Through Our Website: We encourage you to apply directly through our website. This way, your application will be processed more efficiently, and you'll have access to all the latest updates about the position. Plus, it shows us you're keen on joining our team!

How to prepare for a job interview at SoTalent

Know Your Frameworks

Make sure you’re well-versed in ISO 27001 and other relevant compliance frameworks. Brush up on how these frameworks apply to the role and be ready to discuss your experience with them during the interview.

Showcase Your Risk Assessment Skills

Prepare to talk about specific risk assessments you've conducted. Be ready to explain your methodology, the tools you used, and how you translated technical risks into business insights. Real-life examples will make your answers stand out.

Communicate Clearly

Since strong communication skills are key for this role, practice explaining complex security concepts in simple terms. This will demonstrate your ability to collaborate with stakeholders and convey important information effectively.

Be Ready for Scenario Questions

Expect scenario-based questions that assess your problem-solving abilities. Think of past experiences where you had to tackle compliance issues or improve processes, and be prepared to discuss the outcomes and lessons learned.