Enable job alerts via email!
GRC Information Security Analyst
Hireful Ltd
City of London
Hybrid
GBP 60,000 - 65,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A global software technology company is seeking an experienced GRC Information Security Analyst to join their team in London. The role involves supporting compliance with various frameworks and engaging with cloud environments while providing strong communication and stakeholder management. This full-time position offers a hybrid working model with a competitive salary ranging from £60K to £65K plus a bonus and benefits package.
Qualifications
- Experience in GRC Security and audits.
- Familiarity with compliance frameworks and regulations.
- Mid-senior level experience in IT Security.
Responsibilities
- Support compliance with various frameworks such as ISO 27001 and PCI DSS.
- Engage with cloud environments and ensure security compliance.
- Communicate effectively with internal teams and external auditors.
Skills
Tools
Join a global software technology company in the UK as an experienced GRC Information Security Analyst.
You will work closely with external auditors and internal departments in a hybrid environment with flexibility for remote work. You may need to be in the office 1‑2 days a week, or occasionally up to 3 days, or even zero.
Central London office. Hybrid workplace with flexibility.
£60K‑£65K basic + 10% bonus + excellent benefits package.
- Support ISO 27001, PCI DSS, SOC2, NIST, and CIS benchmarking and compliance.
- Maintain compliance with relevant legislation such as DPA, GDPR.
- Engage with cloud environments (AWS, Azure) and Windows/Linux environments (non‑technical role).
- Report directly to the IT Security GRC Director; provide strong communication and stakeholder management skills.
- IT Security Risk & Compliance automated tooling such as Drata, Vanta, OneTrust.
- CISA or Lead Auditor certifications.
Experience in the GRC Security space, including audits, auditors, ISO27001, PCI DSS, SOC2, NIST and current compliance regulations.
Strong communications & internal/external stakeholder management skills.
Mid‑Senior.
Full‑time.
Information Technology – Computer and Network Security.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
