GRC Analyst

Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving real transformation change within our clients.  We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data and business applications.  We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals.

About the role:

• The GRC Analyst shall help to manage compliance and assurance activities across all global locations for our client.
• The role will ensure that relevant Policies, Procedures and Processes are defined and updated to reflect global requirements and local variations.
• To ensure that Risks are identified, recorded, and managed accordingly.
• To ensure that the Risk actions are tracked and monitored to completion.
• The role will be involved with the review and assessment of Key Controls globally within IS and identifying and escalating any deficiencies within the control assessment process.
• As GRC Analyst you will be part of the team who deliver the risk management, control, compliance, and assurance programmes.

Here’s what the role looks like:

• Ensure that assessments are regularly conducted, which can identify potential weaknesses in IS Control environment.
• Liaise with internal/external auditors during audits and assessments, ensuring the timely and accurate provision of information and addressing any findings or recommendations.
• Assist IS teams in the completion of testing, evidence gathering and submission to demonstrate Operating and Design effectiveness of controls.
• Provide training and input to control assessments to staff where required. Request and collection of SOC1 Type 2 and SOC 2 reports for all SaaS applications.
• Connect with teams to obtain supporting evidence for OS changes on Infrastructure as well relevant supporting information for applications.
• Connect with various Business teams regarding processes, User access matrices, DR/BCP solutions and relevant supporting evidence for applications.
• Work with support partners to gather information, evidence, processes, and other relevant support information for applications.
• Support with remediation of IS controls, where applicable, for all applications including establishing recurring requests for audit purposes e.g. requesting SOC reports, user access reviews and other control measures
• Ensure management of change processes are in place to support relevant IS controls for all applications.
• Align with IS database team and support partners to ensure relevant control measures are in place for data integrity, relevance, and maintenance for all applications.

Requirements

Here are the key skills and experience relevant to this role:   

• Proven track record in developing policies and procedures.
• Proficient in IT governance and quality standards
• Advanced Microsoft 365 skills (Excel/PowerPoint) are preferred.
• Experience in risk management and control assessments.
• Strong knowledge of General IT Controls (GITC) assessments, evidence provision and control operation.
• Experience working with third party vendors and on-premise solutions.
• Experience with internal infrastructure and database risks and controls.
• Familiarity with one or more industry frameworks and standards such as ITIL, COBIT, NIST Cybersecurity Framework, and ISO 27001.
• Strong communication skills, both verbal and written, with the ability to present technical information to non-technical stakeholders effectively.
• Demonstrated ability to work independently, manage multiple priorities, and meet deadlines in a fast-paced environment.
• Ability to influence and collaborate with cross-functional teams.

Benefits

At Sword, our core values and culture are based on caring about our people, investing in training and career development and building inclusive teams where we are all encouraged to contribute to achieve success.

We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life.  In addition to a Competitive Salary, here's what you can expect as part of our benefits package:

Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth.

Flexible working: Flexible work arrangements to support your work-life balance.  We can’t promise to always be able to meet every request, however are keen to discuss your individual preferences to make it work where we can.

A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well-being, and insurance schemes, an employee assistance programme, discounted cash plan and more…..

At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement.  If you don’t tick all the boxes but feel you have some of the relevant skills and experience we’re looking for, please do consider applying and highlight your transferable skills and experience.  We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex or sexual orientation. Your perspective and potential are important to us.

If we can do anything to help make the hiring process more accessible, please let our talent acquisition team know when you apply so we can support any adjustments.