Senior Cyber Governance, Risk & Compliance (GRC) Analyst

Location: DMGT HQ - High Street Kensington, London | Position: Permanent

We're looking for an experienced and motivated Senior Cyber Governance, Risk & Compliance (GRC) Analyst to join our Information Security team. This is a hands‑on role for someone who thrives on responsibility, builds strong relationships, and takes pride in delivering high‑quality, practical outcomes. You'll play a key role in managing information security and compliance risks across dmg media and its third parties, supporting a culture of continuous improvement and accountability. While not essential, experience or interest in AI technologies and how they intersect with security, privacy, and compliance would be a plus.

• Conduct and lead risk assessments, audits, and compliance reviews across dmg media's systems, data, and third‑party suppliers.
• Identify, evaluate, and document information security and data protection risks, developing clear and actionable mitigation plans.
• Support the development, implementation, and monitoring of the Information Security and GRC frameworks, ensuring alignment with organisational goals.
• Partner with the Procurement, Legal/Privacy, and Technology teams to ensure risk, compliance, and data protection requirements are embedded in vendor relationships.
• Maintain and enhance records within dmg media's risk, compliance, and service management systems.
• Provide clear and practical guidance to business teams on information security, data privacy, and compliance best practices.
• Monitor and report on compliance metrics and control effectiveness, escalating significant risks or issues appropriately.
• Stay informed of relevant industry standards, regulations, and emerging technologies, including developments in AI, data protection, and media security.
• Support internal and external audits, including ISO 27001, PCI‑DSS, GDPR, and other frameworks.

• 3+ years' experience in information security, GRC, or risk management, ideally within a complex or fast‑paced organisation.
• Strong understanding of key frameworks and standards such as ISO 27001, NIST, GDPR, and CIS Controls.
• Demonstrated experience conducting risk assessments, compliance reviews, or third‑party due diligence.
• Excellent communication and interpersonal skills, able to build trusted relationships across business and technical teams.
• Strong analytical and problem‑solving skills, with the ability to interpret complex information and make sound recommendations.
• Proven ability to manage multiple projects and priorities with attention to detail and accountability.
• High level of integrity, professionalism, and discretion when handling sensitive information.
• Positive attitude, collaborative approach, and strong work ethic are essential qualities for success in this team.

• Exposure to AI systems or data analytics and an understanding of their governance or compliance implications.
• Experience within the media, technology, or digital services sectors.
• Professional certifications such as CISM, CISSP, CRISC, or ISO 27001 Lead Auditor.
• Experience using GRC tools and risk management platforms.
• Awareness of AI governance frameworks or upcoming regulatory changes (e.g. EU AI Act).

Our benefits package increases the longer you've been with us. Here's what to expect:

• 25 days' holiday (increasing by 1 per year up to a total of 30)
• Pension plan and life cover
• Discounts on online shopping, dining cards and vouchers, and access to our Employee Assistance Programme
• Onsite gym, subsidised canteen and onsite nurse and GP clinics

Plus much more…

dmg media maintains an unwavering commitment to uncovering the stories that matter most. Its brands Daily Mail, The Mail on Sunday, Metro, The i Paper, MailOnline, and Mail+ reach more than 9 million people daily in the UK. Globally, dmg media's brands reach 160 million unique browsers every month across its domains and apps.*

Its global newsroom of journalists, formidable story‑getting power, and breadth of content formats, delivers highly engaging, trusted content to loyal and new audiences, 24 hours a day, seven days a week. The Mail brand reaches three in five Brits every month and is officially the best‑read, most recognised, most engaged newsbrand in the country. It is the largest news publisher on TikTok with over 28 million total followers and nearly 45 billion views** in the past year.

www.dmgmedia.co.uk

*GA Sept 2024 **March 2024 - Feb 2025 inclusive

We are committed to increasing diversity and maintaining an inclusive workplace culture. We welcome applications from all qualified candidates regardless of their ethnicity, race, gender, religious beliefs, sexual orientation, age, marital status, or disability.

We are Disability Confident Committed. Please let us know if you require any recruitment documentation in other formats or if you require reasonable adjustments to be made during the recruitment process. Please be assured that any such information will be held separately to your recruitment application and will not be considered as part of the selection process.