Job Type: Permanent
Job Industry: Business Services
Contact Name: Nandini Bhatia
Job Location: Greater-manchester
Job Title: GRC Analyst
Job Salary: £40,000 - £45,000 Per Annum
An exciting opportunity has arisen to join the growing ICT Department and become a member of the InfoSec team working in a dynamic and fast-paced environment with new challenges every day. Based in our Clients Manchester Head Office. It is an exciting time to join the business as they rationalise their current infrastructure and embark on their journey to Cloud based services. You will work collaboratively with the business and wider IT team (Infrastructure, Network, Development, DevOps, and Service Desk) to provide governance and security for existing and new services.
A broad technical knowledge is required, alongside ITIL experience in Incident, Request, Change, Problem, Release, Event and Knowledge management. You will be forward thinking, customer focussed and self-motivated with the drive to improve all IT services and the user experience.
* Must aspire to a culture of service excellence, always putting the customer, our people, and our business at the centre of everything you do.
* Demonstrate strong organisational skills and be accountable for your daily workload
* Demonstrate a systematic, disciplined, and analytical approach
* Be customer focussed and ardent in ensuring that colleagues receive a high quality of service
The Governance, Risk, and Compliance Analyst is responsible for the assessing and documenting of the Company’s compliance and risk posture as they relate to its information assets. The purpose of this position is to provide highly skilled technical and information security expertise for development and implementation of the information security risk management program. Responsibilities require leadership and project management experience, as well as expertise to ensure effective system-wide security analysis; intrusion detection; standards and testing; risk assessment; awareness and education; and development of policies, standards, and guidelines
* Strong understanding of ISO27001 and Cyber Essentials
* Experience with NIST or PCI-DSS is desirable
* Experience with ISO9001 is desirable
* Great understanding of risk, both internally and externally
* Previous audit experience
* Understanding of GDPR, data protection and information governance
* Knowledge of information security risk management frameworks and compliance practices
* Knowledge of securing network technologies, client, and server operating systems
* Ability to develop security standards and guidelines based on best practices and industry standards
* Experience responding to, analysing, and communicating information security incidents