
Senior Security GRC Analyst

Hansen Technologies

London

On-site

GBP 55,000 - 80,000

Full time

30 days ago

Job summary

A global IT security team seeks an experienced GRC Analyst in London. This crucial role involves developing and enforcing security governance initiatives, managing risk assessments, and promoting data protection measures. Candidates should be seasoned professionals with a strong background in IT security, communication skills, and familiarity with frameworks like ISO 27001 and NIST. In return, enjoy competitive benefits and a focus on work-life balance.

Benefits

Competitive compensation
Health coverage
Work-life balance

Qualifications

  • Five years of relevant experience in IT Security and GRC.
  • Strong background in hands-on security governance and risk management.
  • Working knowledge of key frameworks like ISO 27001 and NIST.

Responsibilities

  • Conduct cybersecurity risk assessments and document risks.
  • Develop and enforce security policies aligned with ISO 27001.
  • Implement data protection measures and conduct access reviews.

Skills

Security governance
Risk management
Compliance delivery
Data protection controls
Communication skills

Job description

An exciting opportunity for an experienced GRC Analyst to be a part of our global IT Security team. Design, implement, and evolve security governance initiatives, drive data protection efforts, own business continuity readiness, and be a visible force for change across the organization. This is a full-time, on-site position based in our Hammersmith, London office.

About You

You bring five years of relevant experience in IT Security and GRC. You are a builder, a strategic problem-solver, and a passionate security evangelist who thrives on making security integral to how we work. You have:

  • A strong background in hands-on security governance, risk management, and compliance delivery, as well as in driving security awareness programs and influencing behaviour across departments.
  • Proven experience implementing and managing technical and administrative data protection controls.
  • Working knowledge of key frameworks (ISO 27001, NIST, GDPR, SOC2, ITGC).
  • Experience leading BCP/DR programs and running real or simulated incident response scenarios.
  • Exceptional communication skills: you can translate control language into business impact and vice versa.

Key Responsibilities

  • Lead Risk Assessments: Conduct cybersecurity risk assessments aligned with Hansen’s framework, document and track risks, and ensure timely remediation and stakeholder communication.
  • Drive Governance & Compliance: Develop and enforce security policies aligned with ISO 27001, SOC, NIST, and regulatory standards; support audits, certifications, and control effectiveness.
  • Manage ISMS & Reporting: Operate and enhance the ISMS, maintain risk registers and governance documentation, and deliver audit-ready reporting.
  • Enforce Data Protection & Access Control: Implement data protection measures, conduct regular access reviews, and validate the effectiveness of security configurations.
  • Promote Security Awareness & Resilience: Lead awareness campaigns, manage incident response plans, and oversee BCP/DR planning with regular testing and improvements.
  • Oversee Stakeholders & GRC Tools: Collaborate with internal/external stakeholders, manage third-party security performance, and optimize GRC tools for risk tracking and reporting.

Benefits and Perks

Join us for a rewarding career with competitive compensation, leave entitlements, health coverage, and financial security. Enjoy work-life balance, growth, and recognition for your exceptional performance. Our team will unveil the intricacies of our benefit package during the selection process.
