Governance, Risk & Compliance (GRC) Analyst in Edinburgh

Location: Remote - UK

Job Type: Full-time, Permanent

Salary: Competitive, based on experience + benefits + package

Security Clearance Requirements: Please note that holding a current Security Clearance is not essential at the time of application, but eligibility is required. This role requires the successful candidate to be eligible for Security Check (SC) clearance. To meet this requirement, applicants must:

• Have the right to work in the UK
• Have lived in the UK continuously for the past 5 years
• Not have spent more than 6 months outside the UK in total during that period
• Be willing to undergo security vetting as part of the onboarding process

About Us: Come and be a part of The Investigo Group (TIG), a dynamic coalition of cutting‐edge tech firms specialising in Platform, Software, Data, AI and other bleeding‐edge technology solutions. Our innovative prowess spans the globe while proudly hailing from the United Kingdom. The group is multi‐functional with a large portfolio of B2B products and services.

About You: You are someone who enjoys bringing structure, clarity and assurance to complex environments. You have a strong interest in governance, risk and compliance, and understand how effective security frameworks help organisations operate confidently and securely. You are comfortable working across policies, frameworks, risk registers and audits, but equally enjoy collaborating with colleagues across the business to translate security and compliance requirements into practical, real‐world processes. You take a methodical, detail‐oriented approach to your work and are confident analysing risk, identifying gaps and helping implement improvements. Most importantly, you bring a collaborative mindset, curiosity and a proactive approach to strengthening security and governance across the organisation.

About The Role: We are looking for a Governance, Risk & Compliance (GRC) Analyst to join our Security Team and support the ongoing development of our governance and compliance capabilities. Working closely with the Deputy Head of Security, you will help maintain and strengthen the organisation's Information Security Management System (ISMS) while supporting risk management, regulatory compliance and third‐party assurance activities.

Key Objectives:

• Supporting the ongoing development and improvement of the organisation's governance and compliance frameworks
• Maintaining and strengthening our ISO 27001 aligned Information Security Management System
• Facilitating enterprise risk management processes, including risk identification and tracking
• Supporting third‐party and supply chain risk assurance
• Contributing to the implementation and ongoing management of a GRC platform
• Supporting internal and external audit preparation
• Helping embed a strong security and compliance culture across the organisation

Requirements: We are looking for someone who is analytical, organised and comfortable working within structured governance frameworks. You should enjoy working across risk, compliance and security governance, while being able to communicate requirements clearly to both technical and non‐technical stakeholders. This role suits someone who takes a methodical and detail‐oriented approach, enjoys solving problems and is motivated by helping organisations manage risk and maintain strong security practices.

Essential Experience & Skills:

• Experience supporting risk assessments and risk registers
• Familiarity with governance and compliance frameworks such as ISO 27001, NIST or CIS
• Understanding of data protection and privacy principles
• Experience maintaining policies, standards and control documentation
• Ability to analyse risks and communicate findings clearly
• Strong organisational skills with attention to detail
• Experience working within security, compliance, risk or governance functions

Soft Skills & Behaviours:

• Strong analytical and problem‐solving mindset
• Ability to translate regulatory or technical requirements into practical guidance
• Attention to detail and process discipline
• Collaborative and team‐oriented approach
• Calm, conscientious and adaptable working style
• Positive attitude towards continuous improvement

Desirable Qualifications:

• CISSP
• CISM
• CRISC
• ISO 27001 Lead Implementer or Lead Auditor
• IAPP certifications
• Equivalent practical experience will also be considered.

Benefits:

• Private Medical
• Inclusive Culture: Enjoy an inclusive culture and environment.
• Holiday: Generous holiday allowance.
• Learning: Access to continuous learning and development opportunities.
• Bonus Potential: Bonus potential based on performance and business‐related factors.
• Discounts: Discounts on a wide range of products and services.
• Pension: Pension scheme contributions.
• EV Car Scheme
• Hybrid Working Policy

How To Apply: Please note that the talent acquisition team is managing this vacancy directly and we do not require agency support. Candidates who are successful will be required to undergo relevant security checks.

Equal Opportunities: Here at TIG we are committed to equal opportunities and value diversity, equity and inclusion at our company. We do not discriminate based on race, religion, colour, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.