Information Security GRC Analyst

Greenford, West London | Full-Time | Permanent

Are you passionate about information security, governance, risk, and compliance? Do you enjoy helping organisations strengthen their security posture while ensuring regulatory and industry compliance?

An exciting opportunity has arisen for an Information Security GRC Analyst to join a growing and purpose-driven organisation where technology, education, and innovation come together to make a meaningful impact.

This role offers the chance to work across a diverse group of businesses, supporting information security governance, risk management, compliance initiatives, and certification programmes. Working closely with the Information Security Manager, you will play a key role in shaping and enhancing the organisation's security framework while helping to drive a culture of security awareness and best practice.

Key responsibilities include:

• Conducting information security risk assessments and ensuring alignment with security policies and industry best practice

• Supporting the maintenance and development of the corporate information security risk register

• Producing security reports, dashboards, and risk summaries for senior stakeholders

• Supporting the implementation and ongoing management of ISO 27001 across the wider organisation

• Working with stakeholders to identify, manage, and mitigate security risks

• Conducting third-party supplier and vendor risk assessments

• Developing, reviewing, and maintaining information security policies and procedures

• Monitoring compliance with regulatory, contractual, and industry requirements

• Supporting internal and external security audits and ensuring remediation actions are completed effectively

• Delivering and maintaining security awareness training programmes for employees

• Assisting with certification initiatives including ISO 27001 and Cyber Essentials Plus

• Supporting investigations, technical reviews, and security improvement initiatives alongside technical teams

The successful candidate will possess:

• A degree in Information Technology, Computer Science, Cyber Security, or a related discipline

• Strong experience within Information Security, Governance, Risk, and Compliance (GRC) environments

• Proven experience implementing and maintaining ISO 27001 frameworks

• Experience conducting risk assessments and translating technical risks into meaningful business impact

• Strong understanding of risk management methodologies, compliance frameworks, and security governance principles

• Excellent stakeholder management and communication skills

• Strong analytical and problem-solving abilities

Professional certifications such as ISO 27001 Lead Implementer, ISO 27001 Internal Auditor, CRISC, CGRC, or CGEIT are highly desirable.

This role would particularly suit someone looking to further develop their career within information security governance while gaining exposure to a broad range of security, risk, compliance, and business continuity initiatives.

Why join?

You'll be joining an organisation with a strong social purpose, a collaborative culture, and a genuine commitment to professional development. In return, you'll benefit from excellent learning opportunities, a comprehensive benefits package, generous annual leave, bonus potential, and the opportunity to make a real impact within a growing technology and education environment.

Location: Greenford, West London

Contract: Permanent

Working Hours: 40 Hours Per Week

Salary: £40,000 – £42,500

Please note that sponsorship is not available for this position.

Please apply directly via LinkedIn.

Job Details

Company: Office Collective

Location: City of London, London, United Kingdom