Governance, Risk & Compliance (GRC) Analyst - ISO27001 / Audit
Kingston Upon Thames
I.T. & Communications
68000 Annual
Permanent
Governance, Risk and Compliance (GRC) Analyst - ISO27001 - SOX - Audit
Kingston-Upon-Thames, Surrey (3 days per week in the office)
My client, a successful UK-based company, is looking for a GRC Analyst to join them on a permanent basis.
Working in a small Information Security team, this responsible role involves supporting the operation, maintenance and maturity of the Information Security program.
Duties and responsibilities will include:
- Ensuring the protection of information assets and technologies
- Contributing to the completion of security-related audits such as ISO27001, ISO27017, NIST-CSF, IASME Governance, SOX
- Conducting and documenting internal audits
- Managing Third Party Risk Management (TPRM), including vendor security programme reviews
- Contributing to Subject Access Request and eDiscovery processes
You will need:
- Extensive Information Security Governance, Risk and Compliance (GRC) experience as well as InfoSec Operations experience
- Experience contributing to an Information Security Management System (ISMS) certified to ISO27001 standards
- Good knowledge of the Cyber Essentials Plus Scheme as well as UK & EU General Data Protection Regulation (GDPR) and the Data Protection Act (2018)
- The ability to work autonomously and as part of a team, excellent communication skills
Advantageous certifications:
- ISO/IEC 27001 Lead Implementer
- ISO/IEC 27001 Internal Auditor
- Security+
- CISM / CISSP
This is an excellent opportunity within a stable organisation dedicated to IT Security.