The following job is no longer available:
GRC Analyst
GRC Analyst
GRC Analyst
Posted 24 days ago
- Manchester, Greater Manchester
- Any
- External
- Expired - 2 months ago
Manchester or London (Hybrid), United Kingdom AJ Bell AJ Bell is a low cost, award-winning platform for the DIY investor. Learn more about our SIPP, ISA, junior ISA and Dealing account.
View company page
We are now looking for a GRC Analyst to support the GRC Manager in managing and reporting the Information Security Risks faced by Technology Services and Business teams in delivering AJ Bell’s systems and services. The Information Security GRC function works with the business and the wider information security team to ensure the appropriate controls, policies and procedures are in place to protect AJ Bell in-line with industry best practice and regulatory legislation. In addition, this role will be responsible for coordinating and responding to activities affiliated with external/internal IT audits as well as due diligence exercises requested by our external business partners and those we perform on our suppliers.The key responsibilities of the role are:Demonstrated expertise in implementing risk frameworks and applying risk management principles.Ensure continuous alignment with business strategy through oversight of the IT General Controls framework, activities, and processes, including comprehensive metrics and reporting.Work with multiple process owners and risk leads to perform gap analysis and risk assessments to propose strategies on risk remediation.Support on the wider GRC function such as 3rd party risk and supplier due diligenceRegular reporting on GRC key risk and key performance indicators, including regular review of remediation activitiesEngaging with stakeholders across the business, including learning and development teams and senior stakeholders to define and communicate key cyber security culture and awareness trainingSupport teams on the provision of evidence and communication with auditorsWork to ensure risks are managed within risk appetite and findings are closed within an agreed timeframe.Support alignment and reviews of our maturity against security frameworks as agreed with the CISO, such as NIST CSF and ISO 27001/2Perform any other GRC duties and responsibilities, as assigned.Knowledge & SkillsExperience in security governance, risk, and compliance or related.Broad and solid understanding of cyber security concepts and risks.Strong familiarity with industry frameworks such as ISO standards, NIST, and SOC reports.Demonstrable knowledge in the assessment of third-party suppliers.Experience in drafting security policies and proceduresStrong analytical thinking, written, and oral communication skills.Effective communication skills, both written and verbalAbility to plan, take ownership, organise and follow through on assigned tasks and complete with little or no prompting from managementAbility to challenge approach, strategy and implementation to ensure Information Security is consistently considered and improvedAbout us:AJ Bell is one of the fastest-growing investment platform businesses in the UK offering an award-winning range of solutions that caters for everyone, from professional financial advisers, to DIY investors with little to no experience. We have over 484,000 customers using our award-winning platform propositions to manage assets totalling more than £76.2 billion. Our customers trust us with their investments, and by continuously striving to make investing easier, we aim to help even more people take control of their financial futures.Having listed on the Main Market of the London Stock Exchange in December 2018, AJ Bell is now a FTSE 250 company.Headquartered in Manchester with offices in central London and Bristol, we now have over 1300 employees and have been named one of the UK's 'Best 100 Companies to Work For’ forsix consecutive years.What we offer:Starting salary
of £50,000 - £65,000 (DOE)Generous holiday allowance increasing up to 31days with service, plus bank holidaysCasual dress codeDiscretionary bonusContributory pension schemeDedicated time for proof-of-concepts and assessing new techSupport to attend conferences, events, and meet-upsBuy as you earn share schemeFree annual share schemeEnhanced maternity/paternity scheme from day oneBike loanSeason ticket loan portalDiscounted PMI and DentalFree gymPaid volunteering opportunities, free social events and moreAJ Bell is committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and all employees are empowered to bring their whole self to work.We do not discriminate on the basis of race, sex, gender identity, sexual orientation, age, pregnancy, religion, physical and mental disability, marital status and any other characteristics protected by the Equality Act 2010. All decisions to hire are based on qualifications, merit and business need.Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr
View company page
We are now looking for a GRC Analyst to support the GRC Manager in managing and reporting the Information Security Risks faced by Technology Services and Business teams in delivering AJ Bell’s systems and services. The Information Security GRC function works with the business and the wider information security team to ensure the appropriate controls, policies and procedures are in place to protect AJ Bell in-line with industry best practice and regulatory legislation. In addition, this role will be responsible for coordinating and responding to activities affiliated with external/internal IT audits as well as due diligence exercises requested by our external business partners and those we perform on our suppliers.The key responsibilities of the role are:Demonstrated expertise in implementing risk frameworks and applying risk management principles.Ensure continuous alignment with business strategy through oversight of the IT General Controls framework, activities, and processes, including comprehensive metrics and reporting.Work with multiple process owners and risk leads to perform gap analysis and risk assessments to propose strategies on risk remediation.Support on the wider GRC function such as 3rd party risk and supplier due diligenceRegular reporting on GRC key risk and key performance indicators, including regular review of remediation activitiesEngaging with stakeholders across the business, including learning and development teams and senior stakeholders to define and communicate key cyber security culture and awareness trainingSupport teams on the provision of evidence and communication with auditorsWork to ensure risks are managed within risk appetite and findings are closed within an agreed timeframe.Support alignment and reviews of our maturity against security frameworks as agreed with the CISO, such as NIST CSF and ISO 27001/2Perform any other GRC duties and responsibilities, as assigned.Knowledge & SkillsExperience in security governance, risk, and compliance or related.Broad and solid understanding of cyber security concepts and risks.Strong familiarity with industry frameworks such as ISO standards, NIST, and SOC reports.Demonstrable knowledge in the assessment of third-party suppliers.Experience in drafting security policies and proceduresStrong analytical thinking, written, and oral communication skills.Effective communication skills, both written and verbalAbility to plan, take ownership, organise and follow through on assigned tasks and complete with little or no prompting from managementAbility to challenge approach, strategy and implementation to ensure Information Security is consistently considered and improvedAbout us:AJ Bell is one of the fastest-growing investment platform businesses in the UK offering an award-winning range of solutions that caters for everyone, from professional financial advisers, to DIY investors with little to no experience. We have over 484,000 customers using our award-winning platform propositions to manage assets totalling more than £76.2 billion. Our customers trust us with their investments, and by continuously striving to make investing easier, we aim to help even more people take control of their financial futures.Having listed on the Main Market of the London Stock Exchange in December 2018, AJ Bell is now a FTSE 250 company.Headquartered in Manchester with offices in central London and Bristol, we now have over 1300 employees and have been named one of the UK's 'Best 100 Companies to Work For’ forsix consecutive years.What we offer:Starting salary
of £50,000 - £65,000 (DOE)Generous holiday allowance increasing up to 31days with service, plus bank holidaysCasual dress codeDiscretionary bonusContributory pension schemeDedicated time for proof-of-concepts and assessing new techSupport to attend conferences, events, and meet-upsBuy as you earn share schemeFree annual share schemeEnhanced maternity/paternity scheme from day oneBike loanSeason ticket loan portalDiscounted PMI and DentalFree gymPaid volunteering opportunities, free social events and moreAJ Bell is committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and all employees are empowered to bring their whole self to work.We do not discriminate on the basis of race, sex, gender identity, sexual orientation, age, pregnancy, religion, physical and mental disability, marital status and any other characteristics protected by the Equality Act 2010. All decisions to hire are based on qualifications, merit and business need.Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
