Our client is a versatile and dynamic conglomerate that spans various industries, including retail, home improvements, industrial and safety products.
You will be working in an environment committed to innovation and community impact, and one that fosters the growth and high performance of its employees.
The Role
As GRC Analyst, you will be responsible for governing, managing risks, and ensuring compliance in the organisation's information security program.
The successful candidate will oversee cyber security risk management, advocate the security posture to clients, coordinate cyber awareness training, manage third party risks, and update policy documentation across business units.
Responsibilities Include:
- Lead third-party risk program, overseeing onboarding, contracts, and representation in sales/marketing.
- Maintain risk data, conduct audits, report key risks, champion ownership, and collaborate for enterprise risk management.
- Manage security metrics, policies, and incidents; stay updated on trends; and implement control assurance and monitoring.
- Lead awareness training and implement uplift initiatives across WIS.
- Ensure HSE compliance, report breaches, and participate in safety-related training and toolbox talks.
- 5-7 years in security related fields.
- 2+ years in GRC.
- Familiarity with key risk frameworks (NIST, ACSC, ISO27001, PC, ASD Essential Eight, SOCI).
- Understand the role of key audit reports, e.g. SOC 2, PCI, ISO27001.
- Familiar with a range of information security tools like firewalls, antivirus, encryption, SIEM, and vulnerability scanners.
To apply please click apply or call Sabrina Turner on 0 8289 3145 for a confidential discussion.