Lawrence Harvey are pleased to be working with a start-up Compliance Platform that are looking for a GRC Analyst. They work with companies design Security controls, gain Security certifications and conduct audits like SOC 2 or ISO 27001 and stay compliant with regulations like HIPAA and GDPR.

I am ideally looking for someone with a GRC or IT Audit background to help with internal and client's control testing, SOC 2 audits and ISO27001 compliance.

The role;

• You will work with internal stakeholders and client's control testing, SOC 2 audits and ISO27001 compliance.

• Engage with stakeholders to agree a mitigation plan, a remediation strategy and appropriate timelines for any issues found.
• Articulate risks identified from various sources in terms of business impact, and maintain the risk register up-to-date with all new risk information and changes.
• Support the creation and maintenance of new security standards, procedures and guidelines.
• Assist in the preparation of IM Security Risk reports

You will;

• Come with knowledge and understanding of risk management principles and best practices, keeping abreast of changes to industry standards, regulations and best practice
• Experience working with information security standards and frameworks (ISF, Cyber Essentials, ISO, NIST, etc.)
• Provide measurable examples of Security research outside of work

Lawrence Harvey is acting as an employment agency in regards to this position. Visit our website www.lawrenceharvey.com and follow us on Twitter for all live vacancies @lawharveyjobs