
Information Security GRC Analyst

United Kingdom, Liverpool · 40000.00 - 50000.00 GBP / Year · Job Posted March 22, 2026

Job Description

Our Financial Services client has an exciting vacancy within their Information Security Team for an experienced and highly motivated Information Security GRC Analyst. This is a brand new opportunity at a time of exciting growth within the organisation. The role offers the chance to work in a growing, collaborative team, with excellent progression and the opportunity to develop both GRC and technical security skills within a supportive environment.

Job Responsibility

  • Work with all parties across the business to identify and assess risk and ensure mitigations are tracked to completion
  • Support the development and maintenance of information security policies, standards and procedures in line with regulatory frameworks and industry standards
  • Support third party risk management processes
  • Work with Security Operations and IT teams to provide oversight of vulnerability assessments and remediation activities
  • Manage security architecture reviews for new systems and services
  • Evaluate security controls and recommend improvements
  • Support the implementation of security tools and technologies
  • Provide oversight of the security incident management process
  • Provide security metrics for interested parties at all levels
  • Support the security awareness programme to promote a culture of security within all levels of the Group
  • Provide support for internal and external security audits

Requirements

  • 2–3 years’ experience in information security roles
  • Experience with risk assessment methodologies
  • Excellent analytical and problem-solving skills with attention to detail
  • Strong communication skills with the ability to explain complex security concepts to non-technical stakeholders
  • Knowledge of information security frameworks such as ISO 27001 or NIST
  • Eligibility to work in the UK

Nice to have

  • Experience with regulatory compliance in the financial services sector
  • Relevant security certifications
  • Understanding of security technologies and controls
  • Understanding of application security concepts and secure development practices

Similar Jobs for Information Security GRC Analyst

8 matching positions

Information Security Analyst, GRC

We are seeking an Information Security GRC Analyst - a disciplined professional ...
Location: United States
Salary: Not provided
Company: Paytient
Expiration Date: Until further notice
Requirements
  • Verifiable experience leading or playing a high-level role in a successful Information Security GRC program that encompasses vendor lifecycle management, alignment with compliance frameworks, and risk management
  • 2+ years in Information Security, IT Audit, or a Security GRC role
  • A strong understanding of networking, operating systems, cloud security, and encryption
  • An in-depth knowledge of HITRUST CSF and SOC2 and a working knowledge of NIST and ISO 27001
  • Exceptional written communication skills with the ability to create clear, accurate documentation that stands up to auditor scrutiny
  • Experience with Jira, Google Workspace, and GRC platforms such as Vanta, Drata, or similar products
Job Responsibility
  • Manage the alignment of internal policies, procedures, and controls with the HITRUST CSF and SOC2
  • Contribute to the design and implementation of robust security controls across the organization
  • Collaborate with stakeholders to draft and update information security policies and standards
  • Act as a primary participant in SOC2 and HITRUST assessments and audits, managing evidence gathering, documentation, and technical interaction with external auditors
  • Work closely with IT and Security teams to verify that controls are designed correctly and operating effectively
  • Assist in identifying vulnerabilities and participate in risk assessments for proposed business changes
  • Facilitate the Vendor Management Program by performing third party risk reviews for a broad range of technology vendors and reporting risk findings to technology stakeholders
What we offer
  • Medical, dental and vision insurance
  • $4,400 annual HSA contribution
  • Paytient Health Payment Account (HPA)
  • Monthly lifestyle spending stipend
  • Five weeks of annual PTO
  • Week-long fully paid 'summer break' for all employees
  • Ten weeks of bonding leave for new parents
  • Two weeks of caregiver leave
  • Employer paid short-term and long-term disability
  • 401k plan access with a 4% employer match
  • Fulltime

Information Security Analyst

As our business continues to grow, so does the need to strengthen and continuous...
Location: Poland, Kraków
Salary: Not provided
Company: Keepit
Expiration Date: Until further notice
Requirements
  • At least 1 year of experience or degree in cybersecurity or governance, risk and compliance (GRC) in a technology company
  • Effective communication skills (oral and written) at all levels of the organization
  • Ability to systematize data and offer effective solutions in conditions of limited time
  • Understanding of Risk Analysis and Compliance approach
  • Sufficient technical foundation to understand larger internet-based systems
  • Strong sense of ownership and ability to remain composed in dynamic environments
  • Team-oriented mindset with the ability to build positive working relationships
  • Understanding of information security frameworks and standards, especially ISO 27001 standard
  • Good knowledge of Project/Product IT lifecycle
  • Task-oriented approach
Job Responsibility
  • Maintain risk management processes within the ISMS
  • Support the development and maintenance of security documentation
  • Maintain and improve the Information Security Management System (ISMS)
  • Implement relevant risk controls in cooperation with internal teams
  • Support the preparation for and completion of external audits
  • Process customer security-related requests and questionnaires
  • Review information security assessments for new vendors
  • Contribute to security awareness and education initiatives
  • Manage communication related to security controls and practices
What we offer
  • 4 additional working days of vacation leave per full calendar year
  • 3 days of internal sick leave without a doctor's note
  • Health and Life Insurance
  • Employee Capital Plan (PPK)
  • Multisport card compensation
  • Coverage of professional training sessions, meetups, etc.
  • English-speaking club with native speakers
  • Polish language classes
  • Internet and Glasses reimbursement
  • Cosy office in Krakow city centre (Długa, 72) with beverages, fruit, and cookies
  • Fulltime

Information Security Analyst

We are working with a growing technology company in Irvine that is looking to ad...
Location: United States, Irvine
Salary: 80000.00 - 120000.00 USD / Year
Company: Strategic Employment Partners
Expiration Date: Until further notice
Requirements
  • 3–5 years of experience in cybersecurity, GRC, or IT security roles, with exposure to SOC2 or similar compliance frameworks
  • Experience with security operations tools (e.g., vulnerability scanning, endpoint protection, monitoring) and incident response processes
  • Ability to manage security policies, audits, vendor risk assessments, and internal controls in a dynamic environment
  • Comfortable working cross-functionally and communicating security concepts to both technical teams and external stakeholders
  • Strong ownership mindset with the ability to manage multiple priorities across compliance, operations, and ad hoc security needs
Job Responsibility
  • Take ownership of security initiatives across the organization, including GRC, security operations, and stakeholder support
  • Work independently while interfacing with internal teams, auditors, and occasionally clients
  • Manage security policies, audits, vendor risk assessments, and internal controls
  • Manage multiple priorities across compliance, operations, and ad hoc security needs
  • Fulltime

Lead Analyst, Information Security Governance & Compliance

Beacon Hill Technologies is partnering with a client to identify a Lead Analyst,...
Location: United States, Boca Raton
Salary: Not provided
Company: Beacon Hill
Expiration Date: Until further notice
Requirements
  • Practical, working knowledge of audit and assurance concepts and terminology
  • Experience supporting both internal and external audits
  • Ability to evaluate the quality and sufficiency of audit evidence
  • Strong attention to documentation, traceability, and control effectiveness
  • Prior experience in information security governance, compliance, or risk management
  • Demonstrated ability to lead work while remaining directly involved in execution
  • Clear communication skills, particularly when explaining audit or compliance topics
  • Bachelor’s degree in Information Security, Risk Management, or a related discipline
  • 7+ years of experience in governance, risk, and compliance or information security roles
  • Familiarity with security and control frameworks such as NIST or ISO
Job Responsibility
  • Support and guide audit, compliance, and risk activities within the information security organization
  • Ensure audit readiness
  • Coordinate audit responses
  • Validate the quality and completeness of evidence

Information Security Analyst

Working with the wider business and Group Systems stakeholders to support the co...
Location: United Kingdom, Melbourn
Salary: Not provided
Company: PA Consulting
Expiration Date: Until further notice
Requirements
  • Security related qualification or equivalent experience desirable
  • Must be a suitable candidate to undertake SC clearance
  • Awareness of security compliance
  • Proven track record in communicating confidently with stakeholders at all levels
  • Proven track record of writing responses in a customer friendly way
  • Some knowledge of ISO27001/2 and Cyber Essentials would be an advantage
  • Knowledge of UK government compliance policies (e.g. GS-007/SPF) would be an advantage
  • Knowledge of OneTrust/compliance applications an advantage
  • Proven desire and ability to keep up to date with security
  • Customer focused
Job Responsibility
  • Support internally and externally facing compliance/information security audits
  • Manage operational risk tickets raised by the entire business
  • Reply to client/supplier security questionnaires which help PA win client work
  • Ensure operational teams maintain expected security standards by reviewing access lists and removing accesses which are no longer required
What we offer
  • Health and lifestyle perks accompanying private healthcare
  • 25 days annual leave (plus a bonus half day on Christmas Eve) with the opportunity to buy 5 additional days
  • Generous company pension scheme
  • Opportunity to get involved with community and charity-based initiatives
  • Annual performance-based bonus
  • PA share ownership
  • Tax efficient benefits (cycle to work, give as you earn)
  • Fulltime

Senior Security GRC Analyst

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serv...
Location: United States, San Francisco; San Jose
Salary: 154000.00 - 200000.00 USD / Year
Company: Lambda
Expiration Date: Until further notice
Requirements
  • Minimum of 8 years of experience supporting cybersecurity risk or controls management programs
  • In-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements
  • Experience managing and running audits, certification programs and control assessments
  • Experience collaborating closely with engineers, business teams, and security partners
  • Strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives
Job Responsibility
  • Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives
  • Manage IT Risk Register including risk identification, tracking, and prioritization
  • Assist with and drive remediation of control deficiencies and gaps
  • Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.)
  • Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting
  • Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires
  • Assist control owners with root cause analysis and track risk management action plan progress
  • Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings
  • Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements
What we offer
  • Generous cash & equity compensation
  • Health, dental, and vision coverage for you and your dependents
  • Wellness and commuter stipends for select roles
  • 401k Plan with 2% company match (USA employees)
  • Flexible paid time off plan
  • Fulltime

Security GRC Analyst

Plan, perform and control the activities to assure Blockchain.com’s controls are...
Location: Argentina, Buenos Aires
Salary: Not provided
Company: Blockchain
Expiration Date: Until further notice
Requirements
  • Forward-looking and strategic minded, with an eye to understanding potential risks, legal and compliance implications
  • Good knowledge of IT risk areas including regulatory, operational, information and energy industry specific
  • Good overall knowledge of application and infrastructure security control mechanisms
  • Advanced command of the English language
  • 2+ years' experience in audit and security certifications such as ISO, SOC and PCI
  • Education: Four-year college degree (or equivalent)
Job Responsibility
  • Oversee execution and completion of application-related security controls, ensuring effectiveness
  • Design, create and share policies, standards and procedures to ensure demonstrable regulatory/legal control. Communicate changes to internal stakeholders
  • Conduct preliminary self-assessment control tests of the applicable controls
  • Track and document remediation actions as result of audit findings
  • Host internal/external IT audits including walkthroughs, retaining test evidence for in scope assets and tracking action plans to either remediate or mitigate potential risk exposure findings
  • Conduct the quarterly User Access reviews process including information gathering, management responses tracking, and results review to follow through on corrective actions
  • Develop, implement and maintain a risk register. Contribute results to the corporate dashboard
  • Participate in new tools/partners/investors due diligences
  • Have an active participation in Digital projects and perform other activities assigned by the Manager
What we offer
  • Amazing and accessible office location in Palermo
  • Apple equipment
  • Full-time salary based on experience and meaningful equity in an industry-leading company
  • The opportunity to be a key player and build your career at a rapidly expanding, global technology company in an emerging field
  • Flexible work culture
  • Work from Anywhere Policy: You can work remotely from anywhere in the world for up to 20 days per year
  • Fulltime

Security GRC Analyst

Juni is seeking a Security GRC (Governance, Risk, and Compliance) Analyst to pla...
Location: Sweden, Stockholm; Gothenburg
Salary: Not provided
Company: Juni
Expiration Date: Until further notice
Requirements
  • 2 to 4 years of experience in information security governance, risk, or compliance roles
  • Demonstrated experience with compliance frameworks and regulations (e.g., PCI DSS, ISO 27001, GDPR, PSD2, EBA outsourcing and DORA)
  • Degree in Cybersecurity or Information Systems or similar
  • Knowledge of security frameworks (e.g., CIS Controls, NIST CSF)
  • Solid understanding of risk assessment methodologies and hands-on experience with risk registers and third-party risk management
  • Experience in coordinating activities for security certifications and audits
  • Ability to develop and track security metrics (KPIs)
  • Strong analytical, problem-solving, and organisational skills
  • Excellent communication skills, comfortable presenting to various stakeholders
  • A proactive and independent worker who is also a strong team player
Job Responsibility
  • Maintain and update core security documentation, including policies, procedures, and instructions, ensuring they remain current and relevant
  • Identify, collect, and analyse data to track key security performance indicators (KPIs) and metrics, generating reports and dashboards to communicate security performance to stakeholders
  • Maintain the risk register and support daily risk management activities with growing independence
  • Follow up on the remediation of risks identified in new projects, third-party engagements, and other business initiatives
  • Conduct thorough security posture assessments of new vendors and perform periodic reviews of existing ones
  • Support our 3rd party procurement process
  • Monitor the implementation and effectiveness of security controls across the organisation
  • Coordinate and support activities to maintain key security certifications, including PCI-DSS and ISO 27001
  • Coordinate and support the implementation of remediation plans to address identified compliance gaps
  • Provide support in responding to security-related questions during partner due diligence and assist in providing necessary information for cyber insurance renewals
What we offer
  • Work hybrid
  • Meet all Junis IRL at the company onsite each year
  • Diversity is at our core
  • Progress your career whether you choose to manage people or not
  • Stock options
  • Vacation 30 days
  • Private Health insurance
  • Beautiful offices in central Gothenburg and Stockholm, front row sea view
  • Fulltime