Senior Governance, Risk & Compliance Analyst
Location: Cheltenham, UK (Hybrid working)
Benefits: 27 days holiday plus Wellbeing day, Private Medical Insurance, Bonus scheme, Share scheme, Enhanced pension plan, Life assurance, Discount scheme.
Role Overview:
The Senior Governance, Risk and Compliance Analyst will be part of an energetic, dynamic international team of Information Security and IT professionals supporting a global business and internal customer base. The successful candidate will provide guidance and advice to the business supporting risk management measures around compliance, privacy, and 3rd party supply chain risk reduction requirements.
Your objectives and responsibilities will focus on:
1. Leading on the planning and delivery of a group-wide training and awareness programme.
2. Building and maintaining a central repository of customer security and compliance questions and projects.
3. Developing and monitoring the security and compliance queue for incoming customer requests, ensuring a ticket is created/maintained for all requests.
4. Developing and maintaining weekly, monthly and quarterly stats and relevant metrics across the GRC team capability stack.
5. Developing and maintaining our 3rd party risk management processes.
6. Assisting in the management and maintenance of the Group Information Security Management System (ISMS) to advance business compliance accreditations such as Cyber Essentials, CMMC (US) or MLPS (China).
7. Maintaining SOPs, process and procedure documentation, standard customer responses for customer compliance assessments and responding to customer security assessment questionnaires quickly and accurately.
Your previous experience is likely to include:
1. Working within a GRC service function; delivering remediation plans, managing privacy and risk assessment requests.
2. Completion of, or willingness to work towards, a formal Information Security qualification.
3. Working knowledge of ISMS and popular frameworks such as ISO 27001, NIST CSF, CIS 18 Controls, SCF, SOX, ITL.
4. A working understanding of cloud security and 3rd party security risks.
5. Using GRC and audit tools for internal use and in managing 3rd party risk.
To be successful in this role you will:
1. Demonstrate Company Core Values at all times.
2. Demonstrate knowledge of regulatory compliance and privacy standards.
3. Understand the differences and relationships between security, risk, compliance and privacy principles.
4. Demonstrate strong initiative, a proactive approach and drive.
5. Possess the desire to learn continuously.
6. Demonstrate strong attention to detail and analytical thinking.
Spirax Group is a FTSE100 and FTSE4Good multi-national industrial engineering Group with expertise in the control and management of steam, electric thermal solutions, peristaltic pumping and associated fluid technologies.
Our Purpose is to create sustainable value for all our stakeholders as we engineer a more efficient, safer and sustainable world. Our technologies play an essential role in critical industrial processes and industrial equipment across industries as diverse as Food & Beverage, Pharmaceutical & Biotechnology, Power Generation, Semiconductors and Healthcare. With customers in 165 countries, we provide the solutions that sit behind the production of many items used in daily life, from baked beans to mobile phones!
Our Purpose, supported by our inclusive culture and Values, unites us, guides our decisions and inspires us everywhere that we operate. We support our colleagues to make their difference for each other as well as customers, communities, suppliers, our planet and shareholders by creating a truly equitable working environment where everyone feels included.
Benefits
You will receive a competitive salary (and a discretionary bonus), flexible working and excellent benefits including 27 days holiday allowance (before bank holidays), 3 days’ paid volunteering leave, comprehensive private healthcare, enhanced pension plan, life assurance, optional participation in a Share Ownership Plan, free onsite parking, flexible benefits, and access to a personal discounts portal. We also offer a range of additional support and benefits through our Everyone is Included Group Inclusion Plan, detailed below.
Everyone is Included at Spirax Group
We are passionate about creating inclusive and equitable working cultures where everyone can be themselves and achieve their full potential. For us, that means supportive teams and strong relationships where everyone’s contribution is valued - across social and cultural backgrounds, ethnicities, ages, genders, gender identities, abilities, neurodiversity, sexual orientation, religious beliefs, and everything else that makes us human and unique.
We want everyone to be able to make their difference here, so we will always consider requests for flexible working.
We know that everyone needs some extra help from time to time too, so we have introduced a range of additional benefits through our Group Inclusion Commitments. These include gender-neutral parental leave, 15 days of extra paid caregiver leave, paid time off and support for anyone experiencing pregnancy loss or domestic abuse, menopause-friendly workplace principles and more. Learn more at www.spiraxgroup.com/en/life-at-spirax/our-inclusive-group/our-inclusion-commitments.
We are also a Disability Confident Committed Employer. If you would like to apply using this scheme, please select this option in our application form or notify our recruitment partners.