Join the team as a GRC Information Security Analyst at hireful, a global technology company based in the UK.
As a GRC Analyst, you will collaborate with internal stakeholders and external auditors to maintain and enhance our security program, ensuring compliance with ISO 27001, PCI DSS, SOC 2, NIST, CIS benchmarks, GDPR and other regulatory requirements.
Location: Central London (hybrid with remote flexibility; required in‑office 1–2 days per week).
Compensation: £60K–£65K base + 10% bonus + excellent benefits.
Key Responsibilities
* Implement and maintain ISO 27001, PCI DSS, SOC 2, NIST, CIS benchmark controls.
* Conduct risk assessments and produce compliance reports for audit engagements.
* Coordinate with cloud teams (AWS, Azure) and on‑prem environments (Windows/Linux). The role is not hands‑on technical but requires a strong understanding of these environments.
* Leverage automated GRC tooling such as Drata, Vanta, OneTrust.
* Provide guidance and support to business units to meet data protection (DPA, GDPR) and other statutory obligations.
Required Experience & Skills
* Proven experience in GRC security, audits and implementing controls.
* Deep knowledge of ISO 27001, PCI DSS, SOC 2, NIST, CIS and relevant legislation (DPA, GDPR).
* Experience with cloud security and compliance frameworks.
* Strong communication and stakeholder management, both internal and external.
* Ability to translate regulatory requirements into actionable controls.
Nice to Have
* Hands‑on experience with GRC tooling such as Drata, Vanta, OneTrust.
* Professional certifications (e.g., CISA, Lead Auditor).
This role reports to the IT Security GRC Director. If you’re a motivated professional looking to advance your career in a world‑class team, apply now or contact us for a confidential discussion.