Salary: £50,000 - 50,000 per year Requirements: 2 years experience in a GRC, risk, audit, or compliance-focused role Strong understanding of risk management methodologies and control environments Experience supporting or participating in audits (e.g. ISO 27001, GDPR, NIST or similar) Exposure to third-party risk management and supplier assurance Understanding of technical security concepts, with the ability to assess and challenge controls Detail-oriented, structured, and comfortable working within governance frameworks Strong communication skills, able to engage effectively with stakeholders across the business Responsibilities: Conduct and support security and operational risk assessments, ensuring mitigation plans are defined and tracked Assist in the development and maintenance of policies, standards, and control frameworks Support internal and external audits, including ISO 27001 and related compliance frameworks Manage and contribute to third-party and supplier risk assessments Monitor and report on risk posture, control effectiveness, and compliance metrics Identify gaps in controls and processes, driving continuous improvement across governance frameworks Work with technical teams to ensure security and compliance requirements are embedded into systems and projects Contribute to incident reviews and post-incident analysis, ensuring improvements are implemented Technologies: Embedded Support Security More: We are partnering with a well-established UK business in Liverpool during a key phase of growth and investment to recruit a GRC Analyst. This role focuses on governance, risk management, and compliance, working closely with stakeholders across the business to strengthen frameworks and support ongoing audit and regulatory requirements. We offer a competitive salary up to £50,000, generous annual leave entitlement, enhanced parental leave, life assurance, and regular social events. This is a fantastic opportunity for someone looking to build a career in GRC within a growing organization committed to enhancing its security and governance capability. last updated 12 week of 2026