Junior Governance, Risk and Compliance (GRC) and Operations Support Analyst

We are looking to recruit a junior analyst to provide assistance to our Senior GRC Manager who has a broad range of responsibilities including, but not limited to, managing certifications (such as ISO 27001 and Cyber Essentials Plus), providing support to users, managing the Company’s IT hardware, responding to client security and data protection questions and incident response.

The role will involve assisting the Senior GRC Manager to design and enforce policies and procedures that protect our organisation from all forms of security breaches. You will be responsible for helping to ensure that our people, networks, products and data remains secure.

To be successful in the role you should have good analytical skills and some knowledge of best practices used to prevent a wide range of security threats. You should be capable of communicating well both verbally and in written forms and be a confident IT user. There is an expectation that this role will also cover some IT administration matters.

Due to the diverse nature of the role full training will be provided.

·        Providing general technical support to staff (including password resets) and delegating tasks to external IT companies where necessary.

·        Assisting with setting up accounts for new staff.

·        Maintenance and configuration of IT hardware including laptops, desktops and printers.

·        Accurate recording of equipment inventory.

·        Managing/assisting with staff requests for new software installation and downloads.

·        React to incidents if the Senior GRC Manager is not available.

·        Assisting in the compilation of risk assessments on behalf of suppliers and clients.

Requirements

Must have:

●       Good communicator.

●       Ability to work without supervision at times and still deliver tasks on time.

●       Willingness to work outside of core working hours if required and to be on call during silent hours and weekends when needed.  A key aspect of the role is that the successful candidate will share on-call responsibilities with the Senior GRC Manager.

●       To be a competent user of Microsoft Office 365 products such as Word, PowerPoint and Excel.

●       Knowledge of how computers and networks function.

●       Previous experience of basic IT hardware fault finding including how to re-install Windows.

●       Basic security knowledge about best practices for use of logins, passwords, multi-factor authentication, encryption and biometrics.

●       Ability to understand and interpret data from a variety of dashboards.

●       To be analytical in their approach to fault finding.

Highly desirable:

●       Understanding of what comprises the Microsoft Ecosystem and how it functions.

●       Capable of producing draft documents, such as policies, for review and completion by the Senior GRC Manager.

Desirable

●       Some knowledge of the types of security related certifications that exist, specifically ISO 27001 and Cyber Essentials.

●       Basic knowledge of at least one cloud-based platform such as Microsoft Azure or Google Cloud Platform.

Benefits

• £30k, exp. dependent

• Some travel to London office but not often
• 25 days of annual leave (where 3 during Christmas stand down) + UK bank holidays
• Private health insurance
• Wednesday Lunch Club allowance
• Extended maternity/paternity policy
• Sick pay beyond SSP
• Training budgets, including ACII
• Regular team socials
• Employee option scheme (subject to approval and qualifying period)