
GRC Analyst
- Bristol Area
- Permanent
- Full-time
- Governance
- Risk Management
- Compliance
- Security Awareness & Training
- Incident Response & Business Continuity
- Data Protection & Privacy
- Assist with risk assessments and maintain risk registers.
- Support the development and review of security policies and procedures (ISMS).
- Help track compliance with regulatory and framework requirements (e.g., ISO 27001, Cyber Essentials Plus, SRA).
- Contribute to internal and external audit preparation and evidence gathering.
- Maintain documentation related to controls, risks, and compliance activities.
- Support security awareness and training initiatives.
- Participate in incident response and business continuity planning exercises.
- (ISC)² Certified in Cybersecurity (CC)
- ISACA Cybersecurity Fundamentals Certificate
- BCS Foundation Certificate in Information Security Management Principles (CISMP)
- ISO/IEC 27001 Foundation
- Certified in Risk and Information Systems Control (CRISC) – Associate Pathway
- NIST Cybersecurity Framework (NCSF) Foundation