GRC Analyst
A Global Enterprise Organisation requires a Contract GRC Analyst to join their GRC Transformation and improve their GRC function by providing hands-on expertise with policy writing, third-party reviews and internal security assessments. The successful candidate will be proficient in using ServiceNow and well-versed in security frameworks such as ISO 27001, PCI DSS, and NIST.
Day Rate: £550-£650pd
IR35 Status: Inside
Duration: 3 months initially
Travel: 2 days a week in the Hertfordshire office
The successful GRC Analyst will have the following previous experience:
1. Policy Writing and Documentation:
Develop, review, and update policies related to governance, risk, and compliance, ensuring alignment with industry standards and business objectives.
2. Third-Party Assessments and Reviews:
Conduct thorough assessments and reviews of third-party vendors to evaluate compliance with security frameworks, identifying and mitigating potential risks.
3. Security Frameworks Implementation:
Utilize strong knowledge of ISO 27001, PCI DSS, and NIST to guide and support the organization in maintaining compliance with these security standards.
4. ServiceNow Administration:
Leverage extensive experience with ServiceNow to manage and streamline GRC processes, including incident management, risk assessments, and compliance tracking.
5. Standard Operating Procedures Development:
Develop and maintain Standard Operating Procedures (SOPs) to document risk assessment processes, business process workflows, and other critical GRC activities.
6. Internal Security Assessments:
Conduct internal security assessments to identify vulnerabilities and ensure the organization adheres to best practices in information security.
7. Collaboration and Stakeholder Management:
Work closely with various business units to ensure GRC initiatives are effectively integrated into business processes and align with overall company goals.