GRC Analyst - #1698535

Location: Bristol Office (3 days a week in the office, 2 days if living more than 1.5 hours away)

We are working with a global client seeking a GRC Analyst to focus on risk management, compliance, and policy. You will be responsible for developing and implementing internal control frameworks and defining policies in line with industry standards such as NIST and ISO 27001. Collaboration with various business units will be key to reducing risk and ensuring compliance with regulations.

Key Responsibilities:

• Focus on risk management and compliance, including policy and standards development.
• Map internal controls to industry standards such as NIST and ISO 27001.
• Build and define security policies, ensuring alignment with organizational goals.
• Develop and manage compliance frameworks using Microsoft tools such as SharePoint, Power BI, Power Automate, and Risk Automate.
• Work closely with security operations, procurement, risk management, and technology teams across various regions.
• Identify and deliver service/control improvements and contribute lessons learned to future projects.

Desired Skills and Qualifications:

• Certifications: CISA, CISM, CRISC, NIST, ISO 27001.
• Experience with building compliance frameworks and policies using Microsoft tools.

Please apply if interested!