GRC Analyst
Remote
£40,000 – £42,500
TRR is seeking an experienced GRC Analyst to support technology, information security, and regulatory risk management activities within a regulated environment.
You will conduct risk assessments, maintain enterprise risk registers, and work closely with business and technology stakeholders to ensure risks are identified, assessed, and managed in line with internal frameworks and regulatory expectations.
Key Responsibilities
- Perform technology, information security, data, and third-party risk assessments
- Apply frameworks such as ISO 27001 and NIST
- Maintain risk registers and track remediation actions
- Identify control gaps and support risk treatment plans
- Contribute to audits, regulatory reviews, and governance reporting
- Prepare concise management reporting and senior-level slide packs
Requirements
- 5+ years’ experience in GRC, technology risk, information security risk, or internal audit within a regulated environment
- Strong knowledge of ISO 27001, NIST, and GDPR
- Experience conducting risk assessments and managing remediation
- Advanced Excel and PowerPoint skills
- Relevant certifications (CISA, CRISC, CISSP, ISO 27001, GDPR/DPO) desirable
Should you feel you have the right skills and experience, please apply and you will be contacted by James Evans from TRR.