GRC / Cyber Security Risk Analyst

Hays Technology

Remote-friendly

An organisation undertaking a significant cyber security improvement programme is seeking an experienced GRC / Cyber Security Risk Analyst to help establish stronger security governance, risk management and compliance practices.


This is an opportunity to join a business that is investing heavily in the maturity of its cyber security capability. The successful contractor will play a key role in building and improving governance processes, supporting risk-based decision making and helping drive meaningful security improvements across a diverse technology estate.


The role requires a practical individual who can balance governance and compliance requirements with the realities of operational delivery.


The Role:


You will work across technology, security and business teams to identify, assess and manage cyber security risks while helping establish consistent governance processes and controls.


Responsibilities will include:

  • Conducting cyber security and technology risk assessments
  • Maintaining and developing security risk registers
  • Managing asset registers and supporting asset governance activities
  • Facilitating security governance forums and risk review meetings
  • Supporting the creation and enhancement of security policies, standards and procedures
  • Working with stakeholders to assess risks and agree remediation priorities
  • Monitoring and tracking risk treatment plans
  • Supporting ISO27001-aligned governance, risk and compliance activities
  • Contributing to wider security maturity and control improvement initiatives

What We're Looking For:

  • Experience working within GRC, cyber security risk or information security functions
  • Strong understanding of cyber security risk management principles
  • Experience maintaining risk registers and conducting risk assessments
  • Knowledge of ISO27001 and ideally ISO27005
  • Experience supporting governance forums, compliance activities and policy development
  • Ability to engage confidently with technical and non-technical stakeholders
  • Strong documentation and communication skills
  • Pragmatic, delivery-focused approach

Desirable Experience:

  • Experience within large, operationally complex environments
  • Exposure to NIST, Cyber Essentials Plus or similar security frameworks
  • Knowledge of enterprise security controls and security operations functions
  • Experience supporting wider cyber transformation or security maturity programmes

Contract Details:

  • Outside IR35
  • Initial 6-month contract
  • £400 - £450 per day
  • Hybrid working
  • North West England
  • One-stage interview process
  • Immediate start available

This role would suit a Cyber Security Risk Analyst, Information Security Analyst, GRC Analyst, Security Governance Analyst or Cyber Compliance Specialist looking to play a key role in a large-scale security improvement programme.

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)

Apply Now →

Application opens at the source listing. Free for jobseekers.