Senior Information Security Risk Analyst (3701)

***This role is hybrid and will require some office attendance at our Chester hub. Please only apply if you are able to attend this location regularly***

About GBG

GBG is the leading expert in global identity and location. In an increasingly digital world, GBG helps businesses grow by giving them intelligence to make the best decisions about their customers, when it matters most.

Every second, our global data, agile technology, and expert teams, power over 20,000 of the world's best-known organisations to reach and trust their customers.

Learn more at www.gbgplc.com and follow us on LinkedIn and X @gbgplc

Why you should be@GBG

• We make the world a safer place
• We trust each other and win together
• We are local experts in a global business
• We want you to be yourself
• We grow when you grow

About the team

GBG’s Information Security team of c30 team members, enable delivery of GBG’s business strategy by ensuring GBG is secure and trusted. The team provides four core capabilities:

• Governance, Risk and Compliance
• Cyber Defence
• Product Security
• Security Architecture

The role

Support of GBG’s Information Security Risk programme, making sure It Is implemented properly with minimal risk to GBG, our customers and stakeholders.

What you will do

• Support the delivery of the GBG information security strategy including advanced and technical projects globally
• Support with raising awareness of risk identification and management within the business to align to ‘think risk first’
• Manage and maintain the information security risk register to ensure risks are managed in line with policy
• Create, manage and analyse risk management information to ensure risks are understood within the business and managed in line with expectations
• Engage with leaders within the business to manage risks in line with policy
• Develop information security risk education and awareness training within the organisation
• Conduct risk assessments of new projects
• Conduct supplier risk management activities including contract reviews
• Create, manage and maintain the Operation Resilience and Redundancy programme
• Create, manage and analyse operational resilience and redundancy information to ensure outcomes are captured and reported In line with policy
• Plan annual testing of operational resilience and support the business functions to deliver in line with expectations
• Lead and conduct annual business impact analysis activity
• Support customer and supplier requests for information security risk and operational resilience information, these could be in the form of audits or questionnaires

Requirements

• An Individual with a passion for risk management, who can translate risk to all levels of the organisation.
• Able to converse at all levels to achieve the aim of managing risk within GBG
• A team player who works well with others, who also can work well on their own
• Business risk management experience
• Risk management experience within an information security role
• Experienced with the following standards/frameworks: ISO27001. ISO22301, ISO31000, Cyber Essentials+, NIST, PCI/DSS
• Experience of using; Microsoft Lists, Jira, Power BI
• Qualified to or working towards Certified Risk Information Security Controls (CRISC)
• Qualified to Certified Information Security Management Principles (CISMP)

Behaviours we'd like to see

Benefits

Next steps

Click here to see more about what’s important to us, including our hybrid working policy, our commitment to ESG, I&D and much more.

To chat to the Talent Attraction team and find out more about our benefits, drop an email to behired@gbgplc.com and we’ll be in touch!

Make life@GBG work for you.