Job Details
Information Security GRC Analyst - FS/Legal experience (Permanent)
Location: London Country: UK Rate: £70k - £80k per annum
My client, an international law firm, are looking for an Information Security GRC analyst to work in their London office.
About the IT Security GRC Analyst role:
Looking for an experienced GRC analyst to assist in creating and implementing an enhanced InfoSec Risk Management framework.
Key responsibilities:
- Demonstrated expertise in implementing risk frameworks and applying risk management principles.
- Support the design and execution of the Information Security Governance, Risk and Compliance roadmap.
- Ensure continuous alignment with business strategy through oversight of the InfoSec Risk Management framework, activities, and processes, including comprehensive metrics and reporting.
- Drive the rollout of the governance, risk, and compliance program for information security.
- Support in establishing Information Security governance that serves my client's intention and direction through development and management of administrative controls and promoting awareness.
- Help provide accurate and timely information to the business to make informed strategic, operational and service delivery decisions while remaining fully aware of risks and impact.
- Work with Internal and External stakeholders to ensure continuous compliance with regulatory requirements.
- Work closely with ERM and Audit and other teams where required to ensure risks are managed within risk appetite and audit findings are closed within an agreed timeframe.
- Raise the bar on documentation by running workshops with teams on the templates created and how to design and write audit ready documentation as per best known.
- Support alignment and reviews of our maturity against security frameworks as agreed with the CISO, such as NIST CSF.
- Help build meaningful metrics to support senior management decisions.
- Proficient in various frameworks including Cobit 2019, NIST, GDPR, ISO27001, CSF, CIS, etc.
- Skilled in coordinating and managing programs across diverse divisions, functions, and business units.
- Perform any other GRC duties and responsibilities, as assigned
- Must have a Bachelor's degree (ideally in Computer Science or a similar subject)
- Must have a CISSP
- Ideally be a lead ISO 27001 Auditor
What they're looking for from the candidate:
* Excellent communication skills, attention to detail and growth mindset.
* Take ownership, demonstrate a sense of urgency, and ensure accuracy and quality.
* The ability to translate Information Security risks into the business language to support and drive informed decision making.
* A passion for compliance and knowledge of finance-related regulatory obligations/standards such as PCI-DSS, FCA, EBA, GLBA and US state financial regulations.
* Forward-looking and out of the box thinking with the ability to work with technical teams to translate regulatory requirements and audit findings into automated controls where feasible.
Education and Experience:
* Bachelor's degree in a related field or equivalent work experience
* Knowledge of COBIT and ITIL processes.
If the above is of interest and you would like to find out more please apply to this role or call me to find out more.
Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates
Posted Date: 15 Apr 2024
Reference: JS-50942903/001
Employment Agency: Robert Walters
Contact: Darius Goodarzi