Salary: £50,000 - 60,000 per year

Requirements:
- Proven experience in a Cyber Security GRC or Information Security Analyst role
- Strong understanding of recognised security frameworks (ISO 27001, NIST, etc.)
- Experience supporting PCI DSS and GDPR compliance
- Exposure to third-party risk management processes
- Strong analytical skills with the ability to engage effectively with technical and non-technical stakeholders
- Relevant certifications such as CISM, CISSP or CISA (desirable but not essential)

Responsibilities:
- Support ongoing alignment with ISO 27001, ISO 22301 and NIST standards
- Conduct security risk assessments and contribute to the continuous improvement of the risk management framework
- Assist in overseeing supplier and supply chain security assurance processes
- Support initiatives that promote a positive and proactive security culture
- Contribute to the development and maintenance of security policies, standards and procedures
- Assess security controls and provide recommendations for improvement
- Support PCI DSS compliance requirements and collaborate with relevant stakeholders on GDPR adherence
- Assist with BC/DR planning, testing and documentation

Technologies: Support, Security

More: We are seeking a GRC Analyst to strengthen our governance, risk, and compliance capability within our organization. We are committed to maintaining robust security standards and regulatory compliance across our operations. This is a fully remote role based in the UK, offering the opportunity to develop within a growing and evolving security function. You will gain exposure to a complex, multi-site, and digitally enabled environment, where you will have genuine influence across governance, risk, and compliance activities.

Last updated: week 7 of 2026