Salary: £104,000 - 130,000 per year Requirements: We are looking for someone who can support third-party risk and supplier assurance activities. We would like experience with policy management, including reviewing and updating security policies. We need someone familiar with risk and compliance processes. Basic awareness of frameworks such as ISO 27001, NIST, or CIS would be helpful. We are looking for someone comfortable working in a delivery-focused, directive environment. We value a practical, reliable, and detail-oriented approach. This role would suit someone early in their GRC career who wants to build foundational experience across risk, policy, and third-party assurance. Responsibilities: We will support third-party risk and assurance activities. We will assist with security policy reviews and updates. We will maintain and update risk registers and documentation. We will support audits and compliance activities. We will help drive basic GRC processes and controls. We will carry out tasks aligned with our wider Know Your System (KYS) principles, including understanding assets, processes, and risks across the environment. We will work in a pragmatic, delivery-focused environment to improve security maturity while keeping day-to-day operations moving. Technologies: Support Security More: We are hiring a hands-on GRC Security Analyst to join our growing security function in a fast-paced and developing environment. This is a 6-month contract with a rate of £400-£500 inside IR35, and the role is based in London with on-site work three times a week. We operate in a reactive, fast-moving, low-maturity security environment, so we need someone who is willing to roll up their sleeves and help establish and improve GRC basics. We are proud of our diverse and inclusive community and welcome applicants from all backgrounds and perspectives. If you need any adjustments during the recruitment process, please let us know so we can support you. last updated 24 week of 2026