
Governance Risk and Compliance
GRC, Information Security-Senior Analyst
Posted on 3/16/2023
United Kingdom
Experience Level
Desired Skills
  • Excellent communication skills, attention to detail and growth mindset
  • Take ownership, demonstrate a sense of urgency, and ensure accuracy and quality
  • The ability to translate Information Security risks into the business language to support and drive informed decision making
  • A passion for compliance and knowledge of finance-related regulatory obligations/standards such as PCI-DSS, FCA, EBA, GLBA and US state financial regulations
  • Forward-looking, out-of-the-box thinking, with the ability to work with technical teams to translate regulatory requirements and audit findings into automated controls where feasible
  • Bachelor's degree in a related field or equivalent work experience
  • One or more relevant qualifications, e.g. CISM, CISA, CRISC, CGEIT or equivalent
  • Knowledge of COBIT and ITIL processes
  • Support the design and execution of the Information Security Governance Risk and Compliance roadmap
  • Assist in effectively managing Information Security risks through compliance with relevant regulatory, legal and contractual requirements, and through implementation of risk treatments prioritised by cost-benefit analysis, so that resources are distributed to the areas where they are most needed
  • Support the establishment of Information Security governance that serves Zepz's intention and direction, through the development and management of administrative controls and by promoting awareness
  • Assist in providing accurate and timely information to the business so it can make informed strategic, operational and service delivery decisions while remaining fully aware of risks and impact
  • Work with internal and external stakeholders to ensure continuous compliance with regulatory requirements
  • Work closely with ERM, Audit and other teams where required to ensure risks are managed within risk appetite and audit findings are closed within an agreed timeframe
  • Raise the bar on documentation by running workshops with teams on the templates created and on how to design and write audit-ready documentation as per best known
  • Support alignment and reviews of our maturity against security frameworks as agreed with the CISO, such as NIST CSF
  • Help build meaningful metrics to support senior management decisions
  • Perform any other GRC duties and responsibilities, as assigned

51-200 employees