Job Description
The Governance, Risk and Compliance (GRC) Analyst is responsible for supporting the organisation’s governance, risk management and compliance function activities. This role involves supporting the GRC senior analysts/managers in identifying, assessing and mitigating risks, ensuring compliance with regulatory requirements and developing and implementing policies and procedures to safeguard the organisation’s information assets.
Key Accountabilities
Risk Management:
- Conduct risk assessments and analyse the potential impact on the organisation
- Develop risk mitigation strategies and monitor the effectiveness of risk management efforts
- Maintain a risk register and track risk mitigation activities to completion.
Compliance:
- Ensure compliance with relevant internal and external regulations (e.g. corporate rules/standards, PCI, Cyber Essentials, etc.)
- Conduct regular audits and assessments to identify compliance gaps
- Work with internal and external auditors to facilitate compliance reviews and audits
- Develop and maintain documentation for compliance activities.
Controls:
- Perform control testing activities in accordance with the established testing schedule and methodology
- Evaluate the design and operational effectiveness of internal controls
- Conduct walkthroughs and gather evidence to support control testing conclusions
- Document control testing procedures, results and findings.
Governance:
- Develop, implement, and maintain policies and procedures related to information security, information technology and risk management
- Provide guidance and training to staff on governance, risk, and compliance matters
- Monitor and report on compliance with organisational policies and regulatory requirements.
Collaboration and Communication:
- Collaborate with various departments to ensure an integrated approach to risk management, control management and compliance
- Communicate risk and compliance issues to senior management and relevant stakeholders
- Provide regular reports on the status of risk management and compliance efforts.
Continuous Improvement:
- Stay current with industry best practices, standards, and regulatory requirements
- Recommend and implement improvements to GRC processes and tools.
Technical Skills
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
- Ability to manage multiple priorities and work independently
- Proficiency in GRC tools and software
- Ability to work in a fast-paced environment and meet tight deadlines
More Information
- Address: Guildford, ENG, GB, GU1 1DB
- Salary Offer: £Competitive