GRC Analyst

  • Anywhere


Hays Technology are looking for a GRC Analyst to join an established financial services organisation based in London.

What you’ll be doing:
You will be responsible for ensuring robust information security risk assessment and analysis of external suppliers.

  • Working closely with the Security Architecture and Technology Change teams to ensure adequate controls are adhered to when onboarding new vendors.
  • Responsible for conducting timely security impact assessments of third party suppliers, recording results accurately and initiating an appropriate assurance response.
  • Responsible for the production of high quality, informative and accurate reports in respect of third party assurance assessments.
  • Provide advice and guidance to stakeholders on Information Security Minimum Requirements.
  • Provide advice to Information Security related briefings and Threat Management Groups.
  • Participate in and contribute to Information Security forums and bodies. Assist in the improvement of risk management and Information Security controls within the Group.
  • Ensure all activity is compliant with NIST, GDPR and other Financial Services relevant legislation including CPMI IOSCO.
  • Contribute to the collection and management of KRIs and MIs.
  • Ensure the assurance portfolio of third party suppliers remains full and current.
  • The role is expected to be a part of a global Team and will be seen by management as a trusted partner in a ‘high support and high challenge’ relationship.
  • Ongoing third party security assessments
  • Third party security risk reporting and metrics

What you’ll need to succeed:

  • Understanding and working knowledge of control frameworks based on industry best practices such as NIST, COBIT, and ISO27001.
  • IT and cybersecurity policies and standards
  • Operational risk frameworks
  • Third Party Risk Frameworks
  • Regulatory compliance
  • Data protection
  • Technology & Cyber Security
  • Objective analysis of poorly defined problems
  • Proficient understanding of financial institutions and underlying business processes
  • Third Party Risk Management leadership
  • Partnership and influence
  • Negotiation and Partner management
  • Technological, organisational and/or operational change management

What you need to do now
If you’re interested in this role, click ‘apply now’ to forward an up-to-date copy of your CV, or call us now.
If this job isn’t quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.

To apply for this job please visit
