Principal GRC Analyst

The Governance, Risk & Compliance (GRC) Analyst will play a key role in strengthening our global security posture by supporting the development and maintenance of information security policies, delivering engaging security training, coordinating phishing simulations, and contributing to enterprise-wide risk management activities. This role is ideal for someone with a strong understanding of cybersecurity best practices and the ability to translate them into practical improvements across systems and business processes. You will help drive complex GRC initiatives from inception to successful delivery, ensuring alignment with relevant compliance frameworks and supporting a culture of continuous security enhancement.

• Salary of up to £75,000

• Perm

• Hybrid or able to travel – Flexible

Not only are we offering a competitive salary and a fantastic bonus scheme, you’ll also be entitled to loads of great benefits including, discount and cash back on hundreds of high‑street shops and private health insurance, plus much more.

• Develop and support information security governance policies, standards, and processes in collaboration with business and technical teams, and align them with business goals X

• Prepare and deliver information security training, education, and awareness activities appropriate for target audiences

• Evaluate effectiveness of information security controls and recommending remediation or control re‑design guidance where necessary

• Fine tune and drive adoption of an information security risk assessment framework and related processes; maintain Information Security risk registers and perform annual assessments

• Maintain knowledge of FTC Safeguards, PCI DSS, ISO 27001, and NIST CSF and ensure organizational compliance

• Partner with business leaders to gain a deeper understanding of their needs and provide solutions that meet their goals and objectives while aligning with security best practices and policy

• Maintain working knowledge of data privacy laws and regulations

• Mentor junior members of the GRC Team and support their professional development

• Proficiency in using GRC tools and software to streamline and automate risk and compliance processes (i.e., AuditBoard)

• Skilled in audit management and experience liaising with third party auditors

• Able to work in a complex, global environment, actively and effectively managing relationships with other business units and stakeholders

• Skilled in communicating technical requirements with non‑technical stakeholders

• Excellent oral and written communication skills

• Excellent problem solving and analytical skills

• Strong time management skills, including effective responsibility prioritisation

• Strong analytical and problem‑solving skills to identify and assess security risks and develop appropriate mitigation strategies

• Familiarity with relevant industry regulations and compliance requirements such as GDPR, CCPA, SOX, etc.

• Familiarity with various cybersecurity frameworks such as NIST Cybersecurity Framework, ISO 27001, CIS Controls, etc.

If this sounds like you and you’d like to join our rapidly expanding company that offers excellent career progression, then apply now!

You’ll be working for an award winning; Investors in People Gold accredited organisation. We’re passionate about the ethical treatment of our customers and employees. Our mission is to create pathways to economic freedom. Our vision is to make credit accessible by partnering with our consumers to restore their financial health.

We value a multitude of diverse talent within our business. We want everyone to be themselves at work and encourage a culture that includes everyone. Our policies ensure that every candidate and employee are treated fairly and with equal opportunities.

At Cabot we are highly regulated by our clients, as such, any successful candidates will have to undergo a basic credit check and criminal background check. Please note that we are unable to proceed to interview stage if a CCJ, IVA or Bankruptcy appears on a credit file, or if you do not have full right to work in the UK – we are unfortunately unable to offer sponsorship.