Governance, Risk & Compliance (GRC) Analyst (Sunderland)

Governance, Risk & Compliance (GRC) Analyst (Sunderland)

Sunderland Full-Time 35000 - 45000 £ / year (est.) Home office (partial)
Tombola

At a Glance

  • Tasks: Bridge tech and compliance, shaping effective security frameworks and managing risks.
  • Company: Join tombola, a vibrant company that values innovation and collaboration.
  • Benefits: Hybrid work model, career growth opportunities, and a supportive team culture.
  • Other info: Inclusive culture that celebrates diversity and encourages fresh ideas.
  • Why this job: Make a real impact in security while working with diverse teams.
  • Qualifications: Curiosity about tech, strong communication skills, and organisational abilities.

The predicted salary is between 35000 - 45000 £ per year.

hackajob is collaborating with Tombola to connect them with exceptional professionals for this role. Sunderland - hybrid - Perm. Some roles sit in tech. Some sit in compliance. This one sits right in the middle. We’re looking for someone who can confidently bridge both worlds, understanding the technical detail while translating it into clear, practical guidance across the business. This role has opened up due to an internal promotion, something we love to celebrate at tombola as part of how we grow and develop our people. We’re on the lookout for a Governance, Risk & Compliance (GRC) Analyst to join our friendly and growing InfoSec team here at tombola. You’ll be joining a collaborative team of security-minded professionals alongside our Operational Security, Offensive Security and IT Support Teams. We take what we do seriously, but we don’t take ourselves too seriously.

What you’ll be doing

This is a key role where you’ll sit right at the heart of how we balance security, compliance and innovation. You’ll be helping us shape and deliver an effective technical compliance framework, making sure we maintain a strong security posture while still moving at pace as a business. Working closely with technology teams, compliance, and stakeholders across tombola, you’ll help identify, assess and manage technology and security risks. A big part of your role will be translating complex technical and regulatory requirements into something meaningful and actionable for different audiences across the business.

  • Support the ongoing development and improvement of our ISMS, policies, standards and processes
  • Lead and support audits, working with external partners and Group teams
  • Help ensure our platforms and games meet both local and international regulatory requirements
  • Act as a key point of contact between InfoSec and the wider business, building strong relationships and driving the right outcomes

What we’re looking for

We’re looking for someone who’s curious, confident and comfortable operating between technical and non-technical worlds. You don’t need to be hands-on coding, but you do need to understand technology well enough to ask the right questions, challenge where needed and hold your own in conversations with technical teams. You’ll likely bring:

  • A strong understanding of security frameworks, standards or compliance environments
  • The ability to interpret technical concepts and communicate them clearly to different audiences
  • Confidence to challenge, influence and guide stakeholders across the business
  • Strong organisational skills, with the ability to manage multiple priorities

We’d also love someone who:

  • Is naturally inquisitive and enjoys getting into the detail
  • Is comfortable asking questions and challenging the status quo
  • Enjoys working with a wide range of people and building relationships
  • Takes pride in doing things thoroughly and properly

Ways of working

This role is based at our Sunderland HQ, with a hybrid approach of 3 days in the office and 2 days working from home. That means plenty of time collaborating with the team, alongside space to focus and get stuck into the detail.

Why tombola

We’re a business built on innovation, collaboration and doing things differently. We’re always looking to improve how we work and we genuinely welcome new ideas and perspectives. If you’re looking for a role where you can make an impact, grow your career and be part of a team that backs each other, we’d love to hear from you. At tombola we know that our differences make us stronger and that thinking differently is key to long term success. We work hard to create a culture of inclusivity where everyone can celebrate our Free to be me value. We are committed to creating opportunities for everyone here at tombola, we welcome applications from all backgrounds and encourage individuals to apply, even if you don’t meet every requirement.

Tombola

Contact Details:

Tombola Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Governance, Risk & Compliance (GRC) Analyst (Sunderland)

Join Compliance Communities

Get involved in compliance and risk communities — both online and offline. Look for forums, LinkedIn groups, or even local meetups where compliance pros hang out. You never know who might drop a job opportunity your way!

Attend Industry Conferences

Keep an eye out for compliance and risk management conferences and workshops in your area. These events are a goldmine for networking, and they often have job boards or recruiters on-site looking for new talent. Plus, it’s a chance to learn what's trending in the field.

Leverage Your University Career Services

If you’ve recently graduated or are still studying, head over to your university's career services. Many companies, including those in compliance, actively recruit fresh talent through these services, so make sure you tap into that resource.

Showcase Your Knowledge Online

Start writing articles or blog posts about compliance topics that interest you. Share them on platforms like LinkedIn to demonstrate your knowledge and passion. This not only builds your presence in the field but can also catch the attention of companies like Tombola looking for candidates who are engaged and informed.

We think you need these skills to ace Governance, Risk & Compliance (GRC) Analyst (Sunderland)

Governance, Risk & Compliance (GRC)
Technical Compliance Framework
Security Posture Management
Risk Assessment and Management
ISMS Development
Audit Support
Regulatory Compliance

Some tips for your application 🫡

Show Your Understanding of Compliance:In the compliance-risk field, it's super important to showcase your understanding of regulations and risk management frameworks. Highlight any relevant coursework, certifications (like ICA or AML), or even projects that demonstrate your knowledge and commitment to this area. We want to see how you can navigate this complex landscape!

Quantify Your Achievements:When detailing your experience, try to quantify your achievements. For example, if you've previously worked on a project that improved compliance metrics or reduced risk exposure, give us the numbers! This data-driven approach really stands out to hiring managers in compliance-risk roles.

Tailor Your CV to Reflect Relevant Skills:Make sure your CV highlights skills that are particularly relevant to compliance, like attention to detail, analytical thinking, and report writing. Ensure these are easy to spot – consider using bullet points to break down your responsibilities and achievements for maximum impact!

Craft a Motivating Cover Letter:In your cover letter, let us know why you’re excited about the compliance-risk role at Tombola. Share what motivates you about compliance, and how you believe you can contribute to our mission. This is your chance to showcase not only your skills but also your passion for this important field!

How to prepare for a job interview at Tombola

Master the Regulations

Brush up on key compliance regulations relevant to the industry you're applying to. Familiarising yourself with specific laws and frameworks used in your field will give you an edge during technical questions. Show that you’re not just aware of them but can also apply them—think real-life scenarios!

Show Your Analytical Skills

Compliance roles really focus on analytical skills, so be prepared for case studies or situational questions during the interview. We've got to demonstrate how we approach risk assessments or compliance audits, possibly drawing on examples from past experiences or university projects. Bring some thoughtful case scenarios to discuss!

Know Your Tools

Get comfortable with commonly used compliance software and tools. Familiarity with platforms like RSA or MetricStream can really impress during your interview, as it shows you're ready to hit the ground running. If you’ve had any experience with them, make sure to highlight that!

Align with Company Culture

Since it's a full-time position, show your long-term commitment and interest in the company’s mission and values. Dive into how your ethics and professional philosophy align with Tombola’s stance on compliance. A shared vision can really resonate with interviewers looking for fit as much as skill!