4 of 4 GRC Jobs in Surrey

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

looking for an Information Security Analyst to join their team. This is an excellent opportunity to play a key role in advancing the company's security posture by delivering Governance, Risk, and Compliance (GRC) initiatives and embedding the NIST Cyber Security Framework (CSF) across the business. Key skills/responsibilities: Deliver day-to-day GRC activities, including designing and implementing … reviews and updates to ensure controls remain effective against evolving threats Essential skills: Minimum 2 year's experience in information security, with a solid understanding of security control and governance frameworks Experience in developing security controls catalogue in a financial services environment (highly desirable) Proven experience in delivering security projects within a federated organisation Desirable skills: Knowledge of NIST CSF More ❯

benefits The IT Risk, Policy & Training Analyst is responsible for managing IT risks, monitoring audit actions, maintaining IT policies and procedures, and supporting GDPR compliance. The role ensures effective governance and compliance across IT processes, providing a framework for the identification, mitigation, and management of risks. This position bridges technical and governance aspects, ensuring alignment with company standards and regulatory … programme. Assisting the Privacy Team in ensuring DPIAs are completed where required. Required skills and experience: Some experience of working in an IT function or in an audit/governance role Knowledge of IT risk management and IT governance, risk, and compliance (GRC) would be an advantage but not essential. Understanding of cybersecurity risks and controls would be an advantage … oral and written communication skills, with high attention to detail Ability to produce high quality, detailed outputs. Good analytical skills Highly organised and able to implement and manage robust governance processes. Strong relationship building and interpersonal skills across a wide range of stakeholders. Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply More ❯

benefits** The IT Risk, Policy & Training Analyst is responsible for managing IT risks, monitoring audit actions, maintaining IT policies and procedures, and supporting GDPR compliance. The role ensures effective governance and compliance across IT processes, providing a framework for the identification, mitigation, and management of risks. This position bridges technical and governance aspects, ensuring alignment with company standards and regulatory … programme. Assisting the Privacy Team in ensuring DPIAs are completed where required. Required skills and experience: Some experience of working in an IT function or in an audit/governance role Knowledge of IT risk management and IT governance, risk, and compliance (GRC) would be an advantage but not essential. Understanding of cybersecurity risks and controls would be an advantage … oral and written communication skills, with high attention to detail Ability to produce high quality, detailed outputs. Good analytical skills Highly organised and able to implement and manage robust governance processes. Strong relationship building and interpersonal skills across a wide range of stakeholders. Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply More ❯