Senior Information Security Governance, Risk & Compliance Analyst
We're partnering with a global financial services organisation to find a Senior Information Security GRC Specialist. This position sits within a collaborative and growing security team, with a focus on strengthening governance, risk, and compliance initiatives across the enterprise.
The successful candidate will play a pivotal role in shaping the company's security posture, aligning processes with regulatory requirements, and working closely with stakeholders across multiple geographies.
Key Responsibilities:
* Take ownership of governance, risk, and compliance programmes, ensuring alignment across international offices.
* Develop, refine, and roll out security policies, standards, and procedures mapped to recognised industry frameworks.
* Carry out risk assessments, monitor remediation activities, and support adherence to regulatory requirements such as DORA and operational resilience obligations.
* Define and track security KPIs/KRIs, producing meaningful reporting for management and stakeholders.
* Drive awareness campaigns, oversee third-party risk reviews, and support compliance monitoring using appropriate security tools.
* Provide GRC guidance for strategic security projects to ensure compliance is built in from the outset.
What We're Looking For:
* Demonstrable experience in information security governance, risk, and compliance.
* Strong working knowledge of frameworks such as ISO 27001, NIST, or equivalent.
* Practical experience in managing compliance across complex, multi-jurisdictional environments.
* Familiarity with technical compliance tooling, particularly Microsoft Purview and Microsoft 365 security/compliance features.
* Confident communicator with proven stakeholder management and influencing skills.
* Relevant professional certifications (e.g. ISC², ISACA, ISO Lead Auditor/Implementer) are advantageous.
Interested?
Apply now to learn more.