GRC Analyst
Intaso - Salford, England
Job Description

GRC Analyst – Salford (Hybrid, 3 Days in Office)
Salary: £45,000 – £50,000 per annum
Contract: Full-time, Permanent
Location: Salford, Greater Manchester (Hybrid – 3 days per week in the office)

The Opportunity
An exciting opportunity has arisen for a Governance, Risk and Compliance (GRC) Analyst to join a dynamic and growing organisation based in Salford. This hybrid role offers the chance to play a pivotal part in shaping and maintaining the company’s risk and compliance framework, ensuring alignment with key industry standards and regulations.
The successful candidate will be instrumental in supporting governance processes, conducting risk assessments, and ensuring adherence to information security and data protection requirements across the business.

Key Responsibilities
Support the development, implementation, and maintenance of the organisation’s GRC framework.
Conduct and document risk assessments, identifying control gaps and recommending appropriate mitigations.
Maintain and update internal policies and procedures to ensure compliance with ISO 27001, GDPR, and other regulatory requirements.
Assist with internal and external audits, including evidence gathering and control testing.
Prepare and deliver compliance and risk reports for management review.
Collaborate with internal teams to promote a culture of risk awareness and compliance.
Contribute to awareness initiatives and training programmes.

Candidate Profile
The ideal candidate will have proven experience in a similar GRC, Risk, or Compliance role, with a strong understanding of information security and governance frameworks. They will be detail-oriented, analytical, and capable of engaging effectively with stakeholders across all levels of the organisation.

Essential Skills and Experience:
Previous experience in a GRC, Risk, or Compliance Analyst position.
Good knowledge of frameworks such as ISO 27001, NIST, or COBIT.
Understanding of data protection and privacy regulations (e.g., GDPR).
Excellent written, verbal, and interpersonal communication skills.
Strong analytical and organisational abilities.
Relevant professional certifications (e.g., ISO 27001 Lead Implementer/Auditor, CISM, CRISC, CISSP) are desirable but not essential.
Created: 2025-11-04