GRC Information Security Analyst - FTC

AgileSource are looking for a skilled Information Security Analyst to help deliver governance, risk, and compliance (GRC) services for a key client engagement.


In this role, you’ll collaborate with senior business stakeholders, technical teams, and security leaders to support the organisation in enhancing its cyber security maturity. You’ll contribute to risk management practices, compliance activities, and broader security governance, while assisting with the implementation and upkeep of recognised industry frameworks and standards

.
This position suits a security professional who is comfortable working in a client-facing capacity and can offer practical, risk-based guidance to a variety of audience

s.
Key Responsibilit

  • iesAssist in delivering cybersecurity governance, risk, and compliance activities aligned to recognised frameworks such as ISO 27001, NIST Cybersecurity Framework, Cyber Essentials, and GovAssu
  • re.Perform information security risk assessments across business operations, projects, systems, and third-party provide
  • rs.Maintain and update risk registers, monitor mitigation activities, and support ongoing cyber risk management effor
  • ts.Develop and maintain security documentation, including policies, standards, audit artefacts, assessment outputs, and senior-level reporti
  • ng.Provide support during internal and external audits, control assessments, and compliance revie
  • ws.Engage with stakeholders across technical teams, programme delivery functions, and leadership to gather requirements, collect evidence, and support security initiativ
  • es.Contribute to supplier security assessments and third-party risk process
  • es.Support the evolution of security governance frameworks, processes, and control environmen
  • ts.Help embed secure-by-design principles, data governance practices, and security standards across transformation, recovery, and operational initiativ
  • es.Participate in organisational security governance activities, including awareness, reporting, and risk communicati

on.
Skills & Experi

ence
Esse

  • ntial3–5 years’ experience in information security, cyber risk, IT audit, compliance, or related discipl
  • ines.Proven experience carrying out risk assessments and evaluating security cont
  • rols.Solid understanding of governance, risk management, and compliance conc
  • epts.Working knowledge of ISO 27001 and information security management systems (I
  • SMS).Familiarity with frameworks such as NIST CSF and Cyber Essent
  • ials.Experience contributing to audit or assurance engagem
  • ents.Strong communication and stakeholder management sk
  • ills.High standard of written documentation and repor
  • ting.Ability to translate technical security topics for non-technical audie
  • nces.Willingness to be onsite in London 2–3 days per

week.
Des

  • irableExperience within public sector, government, regulated industries, or large enterprise environ
  • ments.Awareness of GovAssure and public sector security expecta
  • tions.Exposure to cloud platforms such as Microsoft Azure an
  • d AWS.Use of GRC tools or risk management plat
  • forms.Understanding of security architecture or secure-by-design methodol

ogies.
Certifi

cations
The following certifications would be advan

  • tageous:ISO 27001 Lead Implementer or Lead
  • AuditorCompTIA S
  • ecur
  • ity+
  • CGRCC
  • ISACRISCCISSP (or Associat
e level)
Apply Now
Apply Now

Job Details

Company
AgileSource Ltd
Location
London Area, United Kingdom
Posted