UBDS Group
Information Technology and Services
Information Security GRC Analyst
Neural analysis suggests this role is optimal for Mid candidates.
“Information Security GRC Analyst at UBDS Group. Skills: Information Security, GRC, Risk Management, Compliance. Support cybersecurity governance activities. Support risk activities”
Industry & Context.
Risk-based security advice
London 2-3 days per week
What They're Looking For.
Must Have
3–5 years' experience in Information Security, 3–5 years' experience in Cyber Security, 3–5 years' experience in GRC, 3–5 years' experience in IT Audit, 3–5 years' experience in Risk Management, Experience conducting risk assessments, Experience conducting control reviews, Understanding of security governance principles, Understanding of risk management principles, Working knowledge of ISO 27001, Working knowledge of ISMS, Familiarity with NIST Cybersecurity Framework, Familiarity with Cyber Essentials, Experience supporting audit activities, Experience supporting compliance activities, Experience supporting assurance activities, Stakeholder engagement skills, Communication skills, Excellent report writing, Excellent documentation skills, Excellent presentation capabilities, Communicate complex security concepts, Able to work in London 2-3 days per week
Nice to Have
Experience in government environments, Experience in public sector environments, Experience in regulated environments, Experience in enterprise environments, Knowledge of GovAssure assessments, Knowledge of public sector security requirements, Familiarity with Microsoft Azure, Familiarity with AWS, Experience using GRC platforms, Experience using risk management tooling, Understanding of Secure by Design principles, Understanding of security architecture principles
What You'll Do.
Support cybersecurity governance activities
Support risk activities
Support compliance activities
Conduct information security risk assessments
Maintain security risk registers
Track remediation actions
Support cyber risk management
Produce security documentation
Produce compliance evidence
Produce assessment reports
Produce executive-level reporting
Support internal audits
Support external audits
Support control reviews
Support assurance activities
Support compliance assessments
Engage with stakeholders
Drive security initiatives
Support supplier assurance
Support third-party risk management
Assist with security governance processes
Assist with security controls improvement
Support embedding security best practices
Support embedding data governance
Support embedding Secure by Design principles
Contribute to security awareness
Contribute to risk reporting
Contribute to governance activities
How You'll Work.
Team & Collaboration
Client-facing environment; Senior stakeholders; Technology teams; Security leadership; Business functions; Technology functions; Technical teams; Programme teams; Operational teams; Leadership teams
Communication Scope
Stakeholder engagement; Report writing; Documentation; Presentation; Communicate complex concepts; Technical audiences; Non-technical audiences
Full Job Description
### About the Role

We are seeking an experienced Information Security Analyst to support the delivery of governance, risk, and compliance (GRC) services for one of our leading clients. Working closely with senior stakeholders, technology teams, and security leadership, you will play a key role in strengthening the organisation's cyber security posture through effective risk management, compliance assurance, and security governance activities.

You will support the implementation and maintenance of recognised security frameworks and standards while helping to drive security improvements across business and technology functions. This is an excellent opportunity for a security professional, who is comfortable operating in a client-facing environment and can provide pragmatic, risk-based security advice.

### Key Responsibilities

* Support the delivery of cybersecurity governance, risk, and compliance activities, ensuring alignment with frameworks including ISO 27001, NIST Cybersecurity Framework, Cyber Essentials, and GovAssure.
* Conduct information security risk assessments across business processes, programmes, projects, technology platforms, and third-party suppliers.
* Maintain security risk registers, track remediation actions, and support the effective management of cyber risk across business and technology functions.
* Produce high-quality security documentation, including policies, standards, compliance evidence, assessment reports, and executive-level reporting.
* Support internal and external audits, control reviews, assurance activities, and compliance assessments.
* Facilitate workshops and engage with stakeholders across technical, programme, operational, and leadership teams to gather requirements, collect evidence, and drive security initiatives.
* Support supplier assurance and third-party risk management activities.
* Assist with the development and continuous improvement of security governance processes and controls.
* Support in embedding security bes