Information Security - GRC Analyst

Remote Full-time
About the position

The Information Security GRC Analyst supports the InfoSec GRC Lead in operating and improving the organization’s governance, risk, and compliance program. The role focuses on reviewing client MSAs and related security requirements, supporting internal and client audits, driving risk and exception management workflows, and supporting supplier/third-party security reviews. The organization is aligned to ISO/IEC 27001 and is implementing ISO/IEC 42001. The role supports compliance activities relevant to HIPAA, GDPR, and APPI. This is an excellent opportunity for recent graduates or young professionals to build their career in information security.

Responsibilities
• Governance & Management System Support: Maintain documentation and evidence for ISO/IEC 27001 & ISO/IEC 42001; support continual improvement activities.
• Client MSA & Security Requirements Review: Extract and document security requirements from client MSAs; identify gaps and risks; coordinate with Legal and Privacy teams.
• Audit Support: Coordinate internal and client audit requests; collect evidence; ensure traceability between requirements, controls, and evidence.
• Risk Management & Exceptions: Assist with risk assessments for vendors/projects; maintain risk registers; support exception workflows.
• Supplier Reviews: Assess third-party security submissions; track supplier risk ratings and remediation actions.
• Compliance Support: Help map regulatory requirements (HIPAA, GDPR, APPI) to internal controls; maintain compliance documentation.
• Reporting & Improvement: Produce operational reports on audit status/risk metrics; contribute to process improvements.

Requirements
• Exceptional attention to detail
• Strong written communication skills
• Professional discretion handling sensitive information
• Foundational understanding of information security concepts (access control, encryption, incident response)
• Exposure or interest in ISO/IEC 27001 or AI governance frameworks (ISO/IEC 42001)
• Suitable for junior candidates (1–3 years) in security, IT, risk, compliance, audit, or related fields, or equivalent demonstrated capability.
• Minimum requirement: Candidate must hold or be able to achieve the ISC2 Certified in Cybersecurity (CC) certification within an agreed onboarding period (company-supported).

Nice-to-haves
• Experience supporting audits, vendor risk reviews or privacy compliance is advantageous
• Familiarity with GRC/ticketing/documentation platforms (e.g., ServiceNow/Jira)
• Bachelor’s degree in information security, IT, Risk Management, Compliance, or similar is beneficial but not required with relevant experience.

Benefits
• You'll receive up to a 7% pension contribution, life insurance, income protection, and private medical insurance for peace of mind.
• Enjoy flexible working arrangements, including flexible hybrid working, along with the option to work from anywhere across the globe two weeks each year.
• We provide 25 days of annual leave plus two personal well-being days, along with gifted end-of-year holidays and an early Summer Friday finish in June, July, and August.
• Access free counselling through our employee assistance program, as well as personalized health support.
• Enhanced maternity, paternity, family leave, and fertility policies provide support across every stage of your family-planning journey, as well as on-demand support from our partner Peppy.
• You can also benefit from continuous opportunities to professionally develop with on-demand training, support, and global mobility opportunities across the business.

Apply tot his job

Apply To this Job
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Experienced Virtual Customer Support Agent – Remote Opportunity for Customer Service Representatives to Work from Home with blithequark

Remote

Senior AI Applications Engineer - Remote. Must have skills Python, Azure and LLM

Remote

**Experienced Data Entry Specialist – Unlock the Freedom of Working from Home with arenaflex**

Remote

Analyst, Investment Liaison - Private Asset Management; PAM

Remote

Learning Program Manager - Apple Ads

Remote

Operations Supervisor (Supply Chain/Logistics) – American Trucking Associations, Inc – Louisville, KY

Remote

**Experienced Data Entry Specialist – Online Remote Opportunity with arenaflex**

Remote

**Experienced Customer Service Representative – Remote Customer Support & Experience Enhancement**

Remote

Senior Software Engineer - Remote, Full-Stack Integrations

Remote

Apply Now: Urgently Require Clinic Director & Assistant Professor

Remote
← Back