TRR is seeking an IT/GRC Risk Analyst to support technology, information security, and regulatory risk management activities
You will conduct risk assessments, maintain enterprise risk registers, and work closely with business and technology stakeholders to ensure risks are identified, assessed, and managed in line with internal frameworks and regulatory expectations.
Key Responsibilities
* Perform technology, information security, data, and third-party risk assessments
* Utilise knowledge of ISO 27001 and NIST to assess risks.
* Maintain risk registers and track remediation actions.
* Liaise with Risk Owners to assess the risk score and update accordingly.
Requirements
* 1-3 years’ experience in an analyst role within GRC, technology risk, information security risk, or internal audit.
* Knowledge of ISO 27001, NIST, and GDPR.
* Experience conducting risk assessments and managing remediation.
* Experience updating the risk register and carrying out administrative duties within a risk function.
* Excel and PowerPoint skills.
Should you feel you have the right skills / experience please apply and you will be contacted by James Evans from TRR