Job Specifications
GRC Analyst – Cybersecurity Consultancy
Location: Manchester Hybrid
Salary: £50,000-£57,000 + Benefits
Overview
We’re representing a highly accredited UK cybersecurity consultancy that is seeking a GRC Analyst to join its growing governance, risk, and compliance team.
This role offers the opportunity to work across a diverse portfolio of clients, helping to strengthen their security posture, ensure compliance with regulatory and contractual obligations, and contribute to the ongoing development of robust risk and assurance frameworks.
Ideal for someone with experience in GRC, assurance, or information security, this position provides exposure to high-impact projects within a collaborative, forward-thinking environment.
Key Responsibilities
Governance & Compliance: Support and maintain compliance frameworks, including ISO 27001, CAF, and other relevant standards.
Risk Management: Identify, assess, and monitor security risks, ensuring effective mitigation and continuous improvement within the ISMS.
Audit & Assurance: Plan, conduct, and coordinate internal and external audits, tracking findings and follow-up actions to closure.
Policy & Control Development: Assist in developing, reviewing, and improving security policies, procedures, and control documentation.
Supplier & Third-Party Risk: Support assurance activities with suppliers, partners, and service providers to maintain a consistent security baseline.
Information Governance: Contribute to compliance with data protection regulations such as GDPR and the Data Protection Act 2018.
Awareness & Training: Promote security best practice through awareness initiatives and collaboration with internal and external stakeholders.
Stakeholder Engagement: Build strong relationships across technical and business functions to support security governance objectives.
Skills & Experience
Essential:
Experience within GRC, assurance, risk management, or information security.
Understanding of risk assessment methodologies and compliance frameworks (e.g. ISO 27001, CAF, NIST).
Strong communication and reporting skills, with the ability to produce clear, concise documentation.
Excellent organisation and prioritisation skills with attention to detail.
Confident engaging with stakeholders at all levels of the business.
Desirable:
Experience with audit management tools or compliance automation platforms.
Knowledge of GDPR, Data Protection Act 2018, or similar legislation.
Degree in Cybersecurity, Information Security, or a related field.
Professional certifications such as CISA, CISM, CISSP, or ISO 27001 Lead Implementer/Auditor.
Benefits
Competitive salary and comprehensive benefits package.
Flexible hybrid working arrangements.
Access to professional development and certification support.
Inclusive and supportive culture focused on collaboration and innovation.
Clear opportunities for career growth and progression within a fast-scaling consultancy.
Core Values
This organisation is driven by collaboration, accountability, and innovation. It fosters a culture of continuous improvement and empowers its people to make meaningful contributions to both client success and the company’s mission of delivering security excellence.
About the Company
As a leading recruitment agency, we specialise in providing staffing solutions across various industries, including Technology, Digital, Sustainability, and Change & Transformation. Our commitment to trust, innovation, and inspiration forms the core of our business values, guiding every interaction and partnership.
Maxwell Bond is more than a recruitment agency; we are a strategic partner committed to maximising people's potential. Our purpose goes beyond traditional recruitment, driving us to empower both clients and cand...
Know more