Launch Recite Me assistive technology

Accessibility

Menu

Sorry, applications for this particular Job have now closed.

Information Security Analyst

GRC Jobs
  • Hybrid-WFH/City of London
  • £500-550 per day (Inside IR35)

Information Security GRC Analyst required for a leading financial services firm. The role will be centred on developing and implementing their IT GRC Framework.

Overview:

  • Implementation and continuous development of the IT GRC frameworks, encompassing the wider Group IT activities.
  • Supporting IT risk management, focusing on technical IT risk assessments and documenting IT risks.
  • Assisting with reviewing and documenting IT risks associated with IT exceptions.
  • Supporting risk owners to define remediation plans and tracking remediation activities.
  • Assessing compliance with IT control requirements defined in Policies and Standards.
  • You will need to have strong stakeholder management skills and collaboration skills as you’ll be working closely with the Group IT team and our outsourced IT Infrastructure partner to coordinate efforts.

Responsibilities

Risk:

  • Processing day-to-day operational and information security technical IT risks/IT exceptions within the IT Risk Register.
  • Assisting the IT risk owner with assessing technical IT risks and documenting remediation plans.
  • Establishing formal reporting of technical IT risk within Group IT and to 2nd line.
  • Assisting with annual Group IT operational risk assessments.

Compliance:

  • Supporting IT control compliance activities, eg annual review of IT controls, including assessing the maturity score.
  • Assisting IT control owners with the ongoing self-assessment of IT controls to assist with 2nd line permanent control checks.
  • Coordinating IT control attestations within Group IT and with third party service providers.

Governance:

  • Assisting with the implementation of the IT risk and IT control management frameworks, and communication within Group IT.
  • Conducting governance reviews based on agreed frequencies.
  • Documenting IT risk and IT control management processes.
  • Supporting formal GRC reporting activities.

Experience

  • 3-5+ years of Information Security Governance, Risk and Compliance experience.
  • Knowledge of information security risk management frameworks and compliance practices.
  • Knowledge and familiarity with the DORA regulation is desirable.
  • Exposure to and understanding of IT Infrastructure and Business Applications areas.
  • Experience of working with Internal and External audit teams.
  • Proven ability in working across multi-disciplinary and multi-cultural, diverse environments.
  • Excellent written and oral communication skills, with strong interpersonal skills at all levels.
  • Strong presentation skills (written and verbal).
  • Industry recognised technical certifications such as ITIL, CISSP or similar would be desirable, but not essential.
  • Fluency in French would be desirable, but not essential.

We seek individuals from a diverse talent pool and encourage applicants from underrepresented groups to apply to our vacancies. Our commitment to fair recruitment processes means that we welcome applicants from all backgrounds, regardless of their lived experience or personal characteristics. We also invite applicants who meet most of the listed requirements, even if not all, to apply. If you require any adjustments to the application process, please let us know.

Barclay Simpson acts as an Employment Agency for permanent positions and an Employment Business for temporary/contract engagements.