Enable job alerts via email!
Governance, Risk and Compliance Analyst
Vista
London
On-site
GBP 40,000 - 70,000
Full time
Boost your interview chances
Job summary
Vista is looking for a dedicated Governance, Risk and Compliance Analyst to enhance compliance with regulatory standards and manage IT risk across the organization. This role will involve collaboration with various teams to uphold security controls and ensure adherence to GRC practices.
Qualifications
- 2-3 years of experience in GRC or Information Security.
- Knowledge of frameworks like GDPR, ISO 27001, NIST CSF.
- Certifications like ISO27001 Lead Implementer or CRISC are a plus.
Responsibilities
- Maintain and improve the Information Security Management System (ISMS).
- Conduct audits and risk assessments.
- Collaborate with teams on privacy standards and compliance.
Skills
Education
Tools
Job description
Join to apply for the Governance, Risk and Compliance Analyst role at Vista.
Job Profile
We are seeking a dedicated and detail-oriented Governance, Risk and Compliance (GRC) Analyst to join our team. In this role, you will ensure compliance with regulatory obligations, align with frameworks and security standards, and manage IT risk across the organization and supply chain. You will collaborate with cross-functional teams and work closely with external vendors, auditors, and clients to embed GRC practices, maintain security controls, and ensure adherence to frameworks and policies.
Your Responsibilities
- Maintain and improve our Information Security Management System (ISMS).
- Monitor compliance with security frameworks.
- Support the IT and Information Security policy lifecycle.
- Maintain the IT Security risk register.
- Manage risk and track risk mitigation across teams.
- Conduct security reviews and risk assessments of suppliers and partners.
- Complete audits for clients and coordinate with audit teams.
- Audit internal processes for compliance.
- Work with the Privacy Analyst on DPIAs, RoPAs, and data subject workflows.
- Maintain the GRC platform and security awareness training platform.
- Assist in creating and maintaining metrics on control effectiveness and maturity.
- Stay updated on relevant frameworks and regulatory requirements.
Required Skills, Qualifications, and Experience
- Bachelor’s degree in Information Security or related field; relevant certifications (e.g., ISO27001 Lead Implementer, CIPP, CRISC) are a plus.
- At least 2-3 years of experience in GRC, Information Security, or related fields.
- Experience with GRC platforms like OneTrust is advantageous.
- Knowledge of risk management methodologies and frameworks such as CIS 8.0, ISO 27001, NIST CSF, GDPR, NIS2.
- Experience with audits, privacy breach investigations, and legal/regulatory interpretation.
- Ability to guide teams on privacy standards and compliance.
- Exposure to cloud environments and AI systems risk controls is a bonus.
- Strong understanding of privacy laws like GDPR, CCPA.
- Associate
- Full-time
- Information Technology
- Airlines and Aviation
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Similar jobs
Senior Governance, Risk & Compliance Consultant
Jago Consultants
Worthing null
Remote
Remote
GBP 50,000 - 80,000
Full time
Governance, Risk and Compliance Analyst
Vista Global
London null
On-site
On-site
GBP 45,000 - 65,000
Full time
job faster
