Governance, Risk and Compliance (GRC) Analyst - ISO27001 - SOX - Audit
Kingston-Upon-Thames, Surrey (3 days per week in the office)
My client, a successful UK-based company, is looking for a GRC Analyst to join them on a permanent basis.
Working in a small Information Security team, this responsible role involves supporting the operation, maintenance and maturity of the Information Security program.
Duties and responsibilities will include:
* Ensuring the protection of information assets and technologies
* Contributing to the completion of security-related audits such as ISO27001, ISO27017, NIST-CSF, IASME Governance, SOX
* Conducting and documenting internal audits
* Managing Third Party Risk Management (TPRM), including vendor security programme reviews
* Contributing to Subject Access Request and eDiscovery processes
You will need:
* Extensive Information Security Governance, Risk and Compliance (GRC) experience as well as InfoSec Operations experience
* Experience contributing to an Information Security Management System (ISMS) certified to ISO27001 standards
* Good knowledge of the Cyber Essentials Plus Scheme as well as UK & EU General Data Protection Regulation (GDPR) and the Data Protection Act (2018)
* The ability to work autonomously and as part of a team, and excellent communication skills
Certifications required:
* ISO/IEC 27001 Lead Implementer
* ISO/IEC 27001 Internal Auditor
* Security+
* CISM / CISSP
This is an excellent opportunity within a stable organisation dedicated to IT Security.