Information Security Governance Analyst – GRC

Location – Northampton, Northamptonshire
Salary – 40-50k plus excellent benefits & hybrid working
Information Security Analyst, Governance Analyst, GRC, ISO 27001
Due to the continued success and growth of their UK arm, this prestigious organisation is expanding its InfoSec team with an InfoSec Analyst focusing on Governance, Risk & Compliance (GRC).
The Information Security Analyst will be working alongside a talented cyber security team, and they are looking for an innovative and enthusiastic InfoSec person who is determined to build on their existing governance, risk, and compliance capabilities.
This is a key role taking responsibility for communicating and delivering an effective technical compliance framework throughout the organisation, ensuring that they can maintain a suitable security posture whilst retaining their competitive edge.
This position will work closely with compliance, risk & technology teams and the wider business in order to support a tech risk framework used to manage and mitigate security and technology risks across the organisation’s tech group while continuing to enhance the security culture throughout the business.
Core skills & responsibilities.

  • Generate reports on Information Security metrics, key risk indicators (KRI) and compliance for stakeholders
  • Co-ordinate the Information Security Governance, Risk and Compliance capabilities
  • Conduct Security risk assessments
  • Support the delivery of 3rd Party Due Diligence assessments for new & existing relationships, including a forward schedule for re-evaluation
  • Support projects to ensure Information Security operational requirements are considered, implemented or risk managed
  • Work closely with penetration testing and vulnerability assessment teams, with governance oversight of output results; challenge and report on non-compliance with the vulnerability management policy
  • Collaborate with the appropriate resource engineer to provide results and metrics for consistent governance reporting; collaborate on and coordinate remediation plans and activities
  • An IT security certification in one of ISO 27001, CCSP, Security+ or Cyber Essentials would be highly advantageous
  • Understanding of GDPR
  • Analytical and logical in their approach with an attention to detail
  • Ability to communicate clearly, both verbally and in writing
The ideal candidate will have 3+ years' relevant experience in Information Technology & Information Security, working directly in an Information Security Governance, Risk and Compliance role, within accepted industry standards and best practices relating to information security compliance, such as ISO 27000. This is an excellent role to build on your GRC experience in a market leader, who will offer you a clearly defined career path and the opportunity to gain further InfoSec certifications.
Key words: Information Security Analyst, Compliance, Risk Governance, CompTIA Security+, ISO 27001, CCSP, Cyber Essentials, PCI-DSS, NIST Framework, Governance Analyst, GRC, Northampton, Northamptonshire, Wellingborough, Bedford, Kettering, Milton Keynes, Rugby
Send your CV to Bethany now – or call 0161 438 1178

Please follow us on Twitter @erinassociates for similar roles

Erin Associates Ltd is acting as an Employment Agency in relation to this vacancy.

Location: Northampton, United Kingdom

Employment: Permanent

Salary: £40000 - £50000 plus excellent benefits & hybrid working