At a Glance
- Tasks: Manage risk frameworks and support compliance in a dynamic transport organisation.
- Company: Leading transport organisation with a focus on governance and information security.
- Benefits: Competitive salary, hybrid working, bonus, pension contribution, and travel discounts.
- Other info: Opportunity for career growth with a supportive team and flexible working arrangements.
- Why this job: Join a vital role in shaping risk culture and compliance in a regulated environment.
- Qualifications: 4-5 years in governance, risk, or compliance; strong communication and organisational skills.
The predicted salary is between 50000 - 55000 £ per year.
VIQU has partnered with a leading transport organisation to recruit a GRC Analyst to join their Finance and Information Security team. This is a fantastic opportunity for a GRC Analyst to take ownership of established governance frameworks, policies, and risk processes within a highly regulated environment. The GRC Analyst will play a key role in maintaining compliance, supporting audits, and embedding a strong risk-aware culture across the business.
Key Responsibilities of the GRC Analyst:
- Support and maintain the organisation's risk management framework, including risk identification, assessment, and monitoring.
- Facilitate risk assessments across business units and support mitigation planning.
- Monitor risk trends, control effectiveness, and emerging threats, providing insights to senior stakeholders.
- Support compliance programmes, ensuring adherence to regulatory and industry standards (e.g. ISO27001, NIST CSF).
- Coordinate internal and external audits, including evidence gathering and action tracking.
- Contribute to governance policies, standards, and procedures development and review.
- Produce clear governance and risk reports for leadership teams.
- Support governance and assurance of technology change management processes.
- Assist with risk, compliance, and security awareness initiatives across the organisation.
Key Requirements of the GRC Analyst:
- 4-5 years experience in governance, risk, or compliance roles within regulated or critical environments.
- Strong understanding of frameworks such as ISO27001 and NIST CSF.
- Experience supporting audits, compliance reporting, and evidence management.
- Ability to interpret regulatory requirements into practical controls and processes.
- Excellent communication and stakeholder engagement skills.
- Strong organisational skills with the ability to manage multiple priorities.
- Experience within regulated sectors such as transport, utilities, financial services, or government.
- Exposure to Operational Technology (OT) or Industrial Control Systems (ICS) (desirable).
- Relevant certifications (ISO27001 Lead Implementer/Auditor, CISMP, CRISC, CISM) (desirable).
- Degree in Information Security, Risk, Business, Law, or equivalent experience.
Additional Information:
- Hybrid working: Initially 5 days onsite, reducing to 3 days onsite after probation.
- 5% bonus.
- 10% pension contribution.
- Free Zone 1-6 travel for you and a nominated household member.
- 75% discount on National Rail season tickets.
- Interview process: 2 stages (Face-to-face and virtual).
GRC Analyst - Information Security. Job in London LilyLifestyle Jobs employer: United Cerebral Palsy of Georgia
At VIQU, we pride ourselves on being an exceptional employer, offering a dynamic work culture that fosters growth and innovation. As a GRC Analyst in London, you'll benefit from a hybrid working model, competitive salary, and generous pension contributions, all while contributing to a strong risk-aware culture within a leading transport organisation. With opportunities for professional development and a commitment to employee well-being, VIQU is the ideal place for those seeking meaningful and rewarding employment in the field of information security.
Contact Details:
United Cerebral Palsy of Georgia Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land GRC Analyst - Information Security. Job in London LilyLifestyle Jobs
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend events, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for those interviews! Research the company and its culture, and be ready to discuss how your experience aligns with their needs. Practise common interview questions and think of examples that showcase your skills in governance and risk management.
✨Tip Number 3
Follow up after interviews! A quick thank-you email can go a long way in showing your enthusiasm for the role. It’s also a chance to reiterate why you’re the perfect fit for their GRC Analyst position.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities, and applying directly can sometimes give you an edge. Plus, it’s super easy to keep track of your applications!
We think you need these skills to ace GRC Analyst - Information Security. Job in London LilyLifestyle Jobs
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the GRC Analyst role. Highlight your experience with governance frameworks and risk management, and don’t forget to mention any relevant certifications you have. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your background makes you a great fit for our team. Keep it concise but impactful – we love a good story!
Showcase Your Communication Skills:As a GRC Analyst, you'll need to engage with various stakeholders. Make sure your application reflects your excellent communication skills. Whether it's in your CV or cover letter, clarity and professionalism are key – we want to see that you can convey complex ideas simply!
Apply Through Our Website:We encourage you to apply through our website for a smoother process. It helps us keep track of applications and ensures you get all the updates directly from us. Plus, it’s super easy – just a few clicks and you’re done!
How to prepare for a job interview at United Cerebral Palsy of Georgia
✨Know Your Frameworks
Make sure you brush up on your knowledge of ISO27001 and NIST CSF. Be ready to discuss how you've applied these frameworks in your previous roles, as this will show your understanding of compliance and risk management.
✨Prepare for Scenario Questions
Expect questions that ask you to describe how you would handle specific risk scenarios or compliance challenges. Think of examples from your past experience where you successfully identified risks or facilitated audits, and be ready to share those stories.
✨Showcase Your Communication Skills
As a GRC Analyst, you'll need to engage with various stakeholders. Practice articulating complex information clearly and concisely. You might even want to prepare a few examples of how you've effectively communicated risk findings or compliance issues to non-technical audiences.
✨Demonstrate Your Organisational Skills
With multiple priorities to manage, it's crucial to showcase your organisational abilities. Be prepared to discuss how you prioritise tasks, manage deadlines, and ensure that nothing falls through the cracks, especially when it comes to audits and compliance reporting.
