Information Security Analyst – GRC Salary: £45,000 Contract: 12-month Fixed Term Contract (FTC) Location: Central Birmingham (Hybrid – 3 days per week on site) The Role We have an exciting opportunity for an Information Security Analyst – GRC to join a busy and collaborative technology function on a 12-month fixed term contract. This role will play a key part in supporting governance, risk and compliance (GRC) activities, with a strong focus on third-party risk management and data protection assurance across the organisation. Based in Central Birmingham, the role operates on a hybrid working model, requiring three days per week on site. Key Responsibilities Third-Party Risk Management Conduct and coordinate information security and privacy risk assessments for new and existing suppliers. Assess supplier controls relating to data protection, information security, data hosting and subcontractor usage. Maintain accurate records of organisational data shared with third parties, including purpose of use, classification, sensitivity and processing location. Ensure supplier data handling arrangements clearly define retention, archiving and deletion requirements in line with internal policies and regulatory obligations. Support Procurement, Vendor Management, Legal and Information Security teams to embed supplier assurance throughout onboarding, renewal and contract processes. Track remediation actions with ...