Currently recruiting for a GRC analyst based in Scotland on a Hybrid basis usually in the office twice a week in either Glasgow, Aberdeen and Perth. Salary is up to £50,300

GRC Analyst

Hybrid (2 days in the office)

Up to £50,300

Glasgow, Aberdeen or Perth

Responsibilities

• Provide 1st line risk management support by operating, managing, and maintaining the Operational Risk Register, and providing updates to senior stakeholders, Transmission 2nd line Risk Team and Group Risk & Audit.

• Assist in the implementation of a control framework across IT and OT domains.

• Perform tasks to plan, schedule, track, monitor and manage issues related to audit, compliance and risk assessments of the control framework.

• Assist in the creation of risk reports to effectively convey outputs of risk and control assessments to senior management, highlighting controls weaknesses/deficiencies, the evolving threat landscape, horizon/emerging risks, and much more.

Qualifications

• Prior experience in security risk/controls assessments and ideally you will have experience with operating risk registers and/or GRC tooling.

• Knowledge on common security management frameworks would be beneficial; for example, ISO/IEC 27001/2 Standards, ITIL, NIST Cybersecurity Framework, NCSC CAF, MITRE ATT&CK framework, etc.

• Collaborative skills with the ability to work across disciplines and with colleagues ensuring collective accountability and individual responsibility for task ownership.

• Strong reporting and presentational skills.

If interested please apply or drop me an email on (see below)