GRC Analyst

Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. 

Location We operate a flexible, hybrid working environment with the candidate required to travel to our central London or Winchester office up to twice a week.

We offer 

• Circa £56K base
• 6% pension contribution
• Private Medical
• 25 days annual leave
• Access to our comprehensive flexible benefits including discounts on big brands, wellness and employee assistance programmes, gymflex, buy and sell annual leave, travel and dental insurance
• Work. Life. Smarter. Our commitment to a flexible and hybrid working culture 

As a GRC Analyst you will: 

• Support the development and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments
• Assist with internal audits and help prepare for external audits to maintain compliance with ISO27001 and other standards
• Help identify and assess information security risks, working closely with the Cyber Risk Manager
• Provide guidance to colleagues on basic security best practices and requirements
• Contribute to reporting on the ISMS performance and improvement plans
• Support continual improvement initiatives and track progress
• Keep up to date with key trends and changes in information security and ISO standards
• Help maintain and update the security controls library

What you’ll bring

• Strong communication and interpersonal skills
• Good analytical and problem-solving skills
• A proactive and collaborative approach
• Integrity and a commitment to confidentiality and professionalism

Qualifications

• A bachelor’s degree in computer science, information technology, cyber security, or a related field

Experience and knowledge

• Familiarity with information security frameworks, especially ISO27001 (2013 or 2022)
• Basic understanding of risk management principles and security controls
• Interest in developing expertise in auditing, compliance, and risk

Desirable (nice to have)

• Knowledge of other standards or frameworks such as Cyber Essentials Plus, NIST Cyber Security Framework, or ISO27701
• Awareness of legal and regulatory requirements (e.g., NIS Directive, Telecom Security Act, Data Protection Act)

We are the undisputed leader in UK TV and radio broadcast, and the UK’s leading Smart utilities platform, directly shaping the future of connectivity.  

Through our established infrastructure we ensure that media and data are delivered exactly where they’re needed most, whether it’s bringing content to your TV or radio or transmitting data from your smart meter to your utility provider - chances are our services are a part of your daily life, seamlessly connecting you through our behind-the-scenes technology.  

With an impressive history and an innovative future ahead of us, leading the transition of global media distribution to cloud based solutions and creating scalable solutions for new connectivity sectors - you’ll have many opportunities to develop and grow your unique career with us.  

Why Arqiva? Reward . Connection . Growth 

At Arqiva, we believe in supporting you to be your best, both at work and outside of it. That’s why our rewards and benefits go far beyond your pay; take a look at our totalreward2025 booklet. 

Here, you’ll find endless opportunities to connect, whether that’s with colleagues through our internal networks and events or by making a difference in the communities where we work. 

And when it comes to your career, we’re committed to helping you grow. Whether you want to become a specialist in your field or climb to the top, we’ll support you every step of the way.  

#LI-KM1