GRC Analyst

Social network you want to login/join with:

A Global Enterprise Organisation requires a Contract GRC Analyst to join their GRC Transformation & improve their GRC function by providing hands on expertise with policy writing, 3rd party reviews and internal security assessments. The successful candidate will be proficient in using ServiceNow and well-versed in security frameworks such as ISO 27001, PCI DSS, and NIST.

Day Rate: £550-£650pd
IR35 Status: Inside
Duration: 3 months initially
Travel: 2 days a week in Hertfordshire Office

The successful GRC Analyst will have the following previous experience:

Policy Writing and Documentation:
Develop, review, and update policies related to governance, risk, and compliance, ensuring alignment with industry standards and business objectives.

Third-Party Assessments and Reviews:
Conduct thorough assessments and reviews of third-party vendors to evaluate compliance with security frameworks, identifying and mitigating potential risks.

Security Frameworks Implementation:
Utilize strong knowledge of ISO 27001, PCI DSS, and NIST to guide and support the organization in maintaining compliance with these security standards.

ServiceNow Administration:
Leverage extensive experience with ServiceNow to manage and streamline GRC processes, including incident management, risk assessments, and compliance tracking.

Standard Operating Procedures Development:
Develop and maintain Standard Operating Procedures (SOPs) to document risk assessment processes, business process workflows, and other critical GRC activities.

Internal Security Assessments:
Conduct internal security assessments to identify vulnerabilities and ensure the organization adheres to best practices in information security.

Collaboration and Stakeholder Management:
Work closely with various business units to ensure GRC initiatives are effectively integrated into business processes and align with overall company goals.