At a Glance
- Tasks: Support risk management and compliance in a dynamic transport organisation.
- Company: Leading transport organisation with a focus on governance and risk.
- Benefits: Competitive salary, 5% bonus, hybrid work, and travel discounts.
- Other info: Great career growth and a supportive team culture.
- Why this job: Make a real impact on security and compliance in a regulated environment.
- Qualifications: 4-5 years in governance, risk, or compliance roles; ISO27001 and NIST knowledge.
The predicted salary is between £50,000 and £55,000 per year.
VIQU has partnered with a leading transport organisation to recruit a GRC Analyst to join their Finance and Information Security team. This is a fantastic opportunity for a GRC Analyst to take ownership of established governance frameworks, policies, and risk processes within a highly regulated environment. The GRC Analyst will play a key role in maintaining compliance, supporting audits, and embedding a strong risk-aware culture across the business.
Key Responsibilities of the GRC Analyst:
- Support and maintain the organisation’s risk management framework, including risk identification, assessment, and monitoring
- Facilitate risk assessments across business units and support mitigation planning
- Monitor risk trends, control effectiveness, and emerging threats, providing insights to senior stakeholders
- Support compliance programmes, ensuring adherence to regulatory and industry standards (e.g. ISO27001, NIST CSF)
- Coordinate internal and external audits, including evidence gathering and action tracking
- Contribute to the development and review of governance policies, standards, and procedures
- Produce clear governance and risk reports for leadership teams
- Support governance and assurance of technology change management processes
- Assist with risk, compliance, and security awareness initiatives across the organisation
Key Requirements of the GRC Analyst:
- 4-5 years' experience in governance, risk, or compliance roles within regulated or critical environments
- Strong understanding of frameworks such as ISO27001 and NIST CSF
- Experience supporting audits, compliance reporting, and evidence management
- Ability to interpret regulatory requirements into practical controls and processes
- Excellent communication and stakeholder engagement skills
- Strong organisational skills with the ability to manage multiple priorities
- Experience within regulated sectors such as transport, utilities, financial services, or government
- Exposure to Operational Technology (OT) or Industrial Control Systems (ICS) (desirable)
- Relevant certifications (ISO27001 Lead Implementer/Auditor, CISMP, CRISC, CISM) (desirable)
- Degree in Information Security, Risk, Business, Law, or equivalent experience
Additional Information:
- Hybrid working: Initially 5 days onsite, reducing to 3 days onsite after probation
- 5% bonus
- 10% pension contribution
- Free Zone 1-6 travel for you and a nominated household member
- 75% discount on National Rail season tickets
Interview process: 2 stages (Face-to-face and virtual)
Apply today to speak with VIQU in confidence or contact Noah Yeoman at (url removed).
Know someone exceptional for this GRC Analyst position? Refer them and receive up to £1,000 if successful (terms apply).
Follow us on IT Recruitment for more exciting opportunities.
Hybrid GRC Analyst: ISO/NIST Focus + 5% Bonus in London employer: United Cerebral Palsy of Georgia
VIQU is an exceptional employer, offering a dynamic work environment where GRC Analysts can thrive in a hybrid setting while contributing to a leading transport organisation. With a strong focus on employee growth, competitive benefits including a 5% bonus, generous pension contributions, and significant travel discounts, VIQU fosters a culture of compliance and risk awareness that empowers employees to take ownership of their roles. Join us in London to be part of a team that values your expertise and supports your professional development in a highly regulated industry.
Contact Details:
United Cerebral Palsy of Georgia Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Hybrid GRC Analyst: ISO/NIST Focus + 5% Bonus in London
✨Tip Number 1
Network like a pro! Reach out to people in the industry, attend events, and connect on LinkedIn. We all know that sometimes it’s not just what you know, but who you know that can help you land that GRC Analyst role.
✨Tip Number 2
Prepare for those interviews! Research the company and its governance frameworks, especially ISO27001 and NIST CSF. We want you to show off your knowledge and how you can contribute to their risk management processes.
✨Tip Number 3
Practice makes perfect! Do mock interviews with friends or use online resources to get comfortable with common questions. We believe that being well-prepared will boost your confidence and help you shine during the real deal.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. We’re here to support you every step of the way, so let’s get you that GRC Analyst position!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the GRC Analyst role. Highlight your experience with ISO27001 and NIST CSF, and don’t forget to showcase your skills in risk management and compliance. We want to see how you can bring value to our team!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about governance and risk management. Share specific examples of how you've supported audits or developed policies in previous roles. We love a good story!
Showcase Your Communication Skills: As a GRC Analyst, you'll need to engage with various stakeholders. Make sure your application reflects your excellent communication skills. Whether it's through your CV, cover letter, or any additional documents, clarity and professionalism are key!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows us you’re keen on joining our team at StudySmarter!
How to prepare for a job interview at United Cerebral Palsy of Georgia
✨Know Your Frameworks
Make sure you brush up on ISO27001 and NIST CSF before the interview. Be ready to discuss how you've applied these frameworks in your previous roles, as this will show your understanding and practical experience.
✨Prepare for Scenario Questions
Expect questions that ask you to describe how you would handle specific risk management scenarios. Think of examples from your past work where you identified risks, facilitated assessments, or supported audits, and be ready to share those stories.
✨Showcase Your Communication Skills
As a GRC Analyst, you'll need to engage with various stakeholders. Practice explaining complex concepts in simple terms, and be prepared to demonstrate how you've effectively communicated compliance requirements or risk findings in the past.
✨Ask Insightful Questions
At the end of the interview, have a few thoughtful questions ready about the company's risk culture or their approach to compliance. This shows your genuine interest in the role and helps you assess if the company is the right fit for you.