GRC Analyst

Job DescriptionThe RoleAt WHSmith our people are at the heart of everything we do. They are the ones that go the extra mile for our customers. The ones that enable our growth. That’s why our IT team works closely with stakeholders to develop and implement technology solutions.As a GRC Analyst here you will be responsible for the operational and process assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organisation's information security policies.What you will be doingMaintaining information security policies, processes, and standards in coordination with internal security and business stakeholdersManaging and maintain the information & data security roadmap, incident, and information requestsWorking directly with business partners to facilitate risk assessment and management, assessing, and communicating in line with relative policies and processesFacilitating the delivery of the information and data security education and awareness training framework across the business to ensure consistent application of policies and standardsMaintaining technical solutions and procedural controls required to manage information security risk in line with the organisation’s information security policiesFacilitating regular access control, asset inventory reviews and remediation plans, in line with the access control policy and asset management policyPartnering with all technology groups (internal and external) as the data security representative on development projects to deliver secure and compliant security operational servicesDocumenting evidence in support of annual PCI DSS and privacy impact assessments (DPIA)What we are looking forExperience in a combination of risk management, information security and IT roles (including Audit)Knowledge gained through working with common information security management frameworks (e.g. ISO27001, Cyber Essentials, NIST, PCI DSS, SOC2)A strong knowledge of Office 365, Teams, and SharePointKnowledge of data protection regulations and requirementsExperience of PCI-DSS controls and implementationHow we reward our teamsHybrid working Model from home and in the office4pm Friday FinishFlexible Working25 Days holiday, plus your Birthday off, plus Bank Holidays with an opportunity to buy extra days holidayFamily Friendly LeaveCompetitive Pension ContributionSharesave SchemeAnnual Bonus based on company and personal performanceCompetitive Salary and Car AllowancePrivate Medical InsuranceStaff Discount Card for stores and onlineAbout usWHSmith have occupied our place in our customers’ hearts for over two decades. You’ll find our stores and our family of brands in airports, hospitals, railway stations, on high streets and in shopping centres – as well as right across the world! We are an ambitious team that thrives on pace, collaboration and innovation resulting in a real entrepreneurial culture.Celebrating 230 years, we’re proud to have grown and evolved into a globally recognised brand present in over 30 countries around the world, and we’re proud to be that air of familiarity people love and trust on their journey, both in life and through life. As a diverse group of over 12,000 colleagues, we are all on the same journey to a better business through our commitments to our planet, people and the communities we serve.WHSmith are proud to be an inclusive employer, we want our colleagues to feel welcome, and free to be themselves with us.