GRC Risk Analyst

Job Title: GRC Risk Analyst

Location: London, UK

Duration: 6+ months

Working Mode: hybrid

Summary

Seeking an experienced GRC Risk Analyst to support technology, information security, and regulatory risk activities. The role focuses on risk assessments, risk register management, reporting, and working with stakeholders across business and technology.

Key Responsibilities

• Perform technology, information security, data, and third-party risk assessments.
• Apply ISO 27001, NIST, GDPR, and UK/EU regulatory frameworks.
• Maintain and monitor enterprise risk registers and remediation actions.
• Engage stakeholders across business, IT, security, privacy, and compliance.
• Prepare risk reports and senior-management slide packs (Excel/PowerPoint).
• Support audits, regulatory reviews, and governance forums.

Skills & Experience

• Strong GRC/technology risk background within financial services or regulated environments.
• Hands-on experience with ISO 27001, NIST, GDPR, and risk assessment methodologies.
• Advanced Excel & strong PowerPoint reporting skills.
• Excellent communication and stakeholder-management capabilities.
• Detail-oriented, proactive, and able to work independently.

Preferred Qualifications

• 5+ years in GRC, tech risk, InfoSec risk, or internal audit.
• Certifications such as ISO 27001, CISA, CRISC, CISSP, or GDPR/DPO (desirable).