GRC Analyst - Information Security - FTSE 100 Market Leader

Northampton Full-Time 40000 - 60000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Join us as a GRC Analyst to safeguard information security and manage risks.
  • Company: Be part of a leading FTSE 100 brand making waves in the market.
  • Benefits: Enjoy hybrid working, competitive salary, bonuses, and a comprehensive benefits package.
  • Why this job: Make a real impact on cybersecurity while collaborating with diverse teams and senior stakeholders.
  • Qualifications: Bring your Cyber Security qualifications and experience in governance or technical operations.
  • Other info: Work in a dynamic environment with opportunities for growth and learning.

The predicted salary is between 40000 - 60000 £ per year.

GRC Analyst with a focus on infosec governance, risk and compliance required by a market-leading brand. The information security analyst will assist in establishing and monitoring the corporate information security policy, standards, procedures, guidelines, internal controls and business continuity to ensure critical information is protected, in alignment with Cyber Security best practice and data protection regulation.

This role requires particular knowledge of PCI DSS, and ideally my client is looking for an individual who has helped an organisation achieve PCI DSS compliance, working with 3rd party experts. The focus of this role will be to represent information security, being able to interpret technical design and how information security best practices should be applied. The analyst should also be able to lead incident management investigations and conduct risk and vulnerability assessments where appropriate.

Key Accountabilities & Responsibilities

  • Conduct risk and vulnerability assessments to identify and mitigate security risks.
  • Represent information security within projects to ensure best practice is adhered to.
  • Coordinate across departments to ensure risk is managed through comprehensive security measures and policies.
  • Incident response and management – lead and participate in complex incident investigations.
  • Develop and maintain cyber incident response plans and playbooks.
  • Conduct post-incident reviews and implement lessons learnt to improve the organisation’s security posture.

Requirements:

  • Either Technical Operations Security experience with an interest in working within a governance role, or experience working in a Security Governance role.
  • Ability to assess system controls based on a documented standard.
  • Will be able to demonstrate ability in problem analysis and resolution.
  • Strong communication skills to be able to influence best practice at all levels of the organisation, with the ability to explain technical problems to non-technical business stakeholders at all levels.
  • Ability to build effective relationships to influence and negotiate business outcomes.
  • Experience of working with and presenting findings to Senior Stakeholders.
  • Hold a recognised Cyber Security qualification (CISA, CISMP, CISM or equivalent).
  • Knowledge of industry-related frameworks such as ISO27001, PCI DSS.

This role is based in Northampton and is a hybrid position with on average 2 days a week on-site. The salary is between £50-£60k + Bonus + Package.

GRC Analyst - Information Security - FTSE 100 Market Leader employer: Ventula Consulting

As a GRC Analyst at our FTSE 100 market-leading company, you will thrive in a dynamic work culture that prioritises innovation and collaboration. With a strong focus on employee growth, we offer comprehensive training and development opportunities, alongside a competitive salary and benefits package, including a hybrid working model that allows for flexibility. Join us in Northampton, where your expertise in information security will be valued, and contribute to shaping our robust governance, risk, and compliance framework.

Contact Detail:

Ventula Consulting Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land GRC Analyst - Information Security - FTSE 100 Market Leader

✨Tip Number 1

Familiarise yourself with PCI DSS compliance requirements and best practices. Understanding these standards will not only help you in interviews but also demonstrate your commitment to the role.

✨Tip Number 2

Network with professionals in the information security field, especially those who have experience in GRC roles. Engaging with industry experts can provide insights and potentially lead to referrals.

✨Tip Number 3

Prepare to discuss real-world scenarios where you've conducted risk assessments or incident management. Being able to share specific examples will showcase your practical experience and problem-solving skills.

✨Tip Number 4

Stay updated on the latest trends and developments in cyber security and governance frameworks. This knowledge will help you engage in meaningful conversations during interviews and show your passion for the field.

We think you need these skills to ace GRC Analyst - Information Security - FTSE 100 Market Leader

Information Security Governance
Risk Assessment
Vulnerability Assessment
Incident Management
PCI DSS Compliance
Cyber Security Best Practices
Technical Problem Analysis
Communication Skills
Stakeholder Engagement
Relationship Building
Cyber Security Qualifications (CISA, CISMP, CISM)
Knowledge of ISO27001
Policy Development
Business Continuity Planning

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights relevant experience in information security governance, risk, and compliance. Emphasise any work you've done related to PCI DSS compliance and your ability to conduct risk assessments.

Craft a Compelling Cover Letter: In your cover letter, explain why you're passionate about information security and how your skills align with the role. Mention specific examples of past experiences where you successfully managed incidents or developed security policies.

Highlight Relevant Qualifications: Clearly list any recognised Cyber Security qualifications you hold, such as CISA, CISMP, or CISM. This will demonstrate your commitment to the field and your understanding of industry standards.

Showcase Communication Skills: Since strong communication skills are essential for this role, provide examples in your application of how you've effectively communicated technical information to non-technical stakeholders. This could be through presentations, reports, or team collaborations.

How to prepare for a job interview at Ventula Consulting

✨Understand PCI DSS Inside Out

Make sure you have a solid grasp of PCI DSS compliance requirements. Be prepared to discuss your previous experiences in helping organisations achieve compliance, and how you collaborated with third-party experts.

✨Showcase Your Incident Management Skills

Be ready to share specific examples of how you've led incident investigations in the past. Highlight your ability to conduct post-incident reviews and implement lessons learned to enhance security measures.

✨Communicate Effectively with Non-Technical Stakeholders

Demonstrate your strong communication skills by explaining complex technical concepts in simple terms. Prepare to discuss how you've influenced best practices across different levels of an organisation.

✨Familiarise Yourself with Relevant Frameworks

Brush up on industry frameworks like ISO27001 and how they relate to information security governance. Being able to discuss these frameworks will show your depth of knowledge and commitment to best practices.

Application deadline: 2027-05-11