Information Security GRC Analyst

About the Role

We are seeking an experienced Information Security Analyst to support the delivery of governance, risk, and compliance (GRC) services for one of our leading clients.

Working closely with senior stakeholders, technology teams, and security leadership, you will play a key role in strengthening the organisation's cyber security posture through effective risk management, compliance assurance, and security governance activities. You will support the implementation and maintenance of recognised security frameworks and standards while helping to drive security improvements across business and technology functions.

This is an excellent opportunity for a security professional, who is comfortable operating in a client-facing environment and can provide pragmatic, risk-based security advice.

Key Responsibilities

• Support the delivery of cybersecurity governance, risk, and compliance activities, ensuring alignment with frameworks including ISO 27001, NIST Cybersecurity Framework, Cyber Essentials, and GovAssure.
• Conduct information security risk assessments across business processes, programmes, projects, technology platforms, and third-party suppliers.
• Maintain security risk registers, track remediation actions, and support the effective management of cyber risk across business and technology functions.
• Produce high-quality security documentation, including policies, standards, compliance evidence, assessment reports, and executive-level reporting.
• Support internal and external audits, control reviews, assurance activities, and compliance assessments.
• Facilitate workshops and engage with stakeholders across technical, programme, operational, and leadership teams to gather requirements, collect evidence, and drive security initiatives.
• Support supplier assurance and third-party risk management activities.
• Assist with the development and continuous improvement of security governance processes and controls.
• Support in embedding security best practices, data governance, and Secure by Design principles across recovery, transformation, and operational workstreams.
• Contribute to security awareness, risk reporting, and governance activities across the client environment.

Skills & Experience

Essential

• 3–5 years' experience in Information Security, Cyber Security, Governance, Risk & Compliance, IT Audit, or Risk Management roles.
• Experience conducting information security risk assessments and control reviews.
• Strong understanding of information security governance and risk management principles.
• Working knowledge of ISO 27001 and information security management systems.
• Familiarity with security frameworks and standards including NIST Cybersecurity Framework and Cyber Essentials.
• Experience supporting audit, compliance, or assurance activities.
• Strong stakeholder engagement and communication skills.
• Excellent report writing, documentation, and presentation capabilities.
• Ability to communicate complex security concepts to both technical and non-technical audiences.
• Able to work in London 2-3 days per week.

Desirable

• Experience working within government, public sector, regulated, or enterprise environments.
• Knowledge of GovAssure assessments and public sector security requirements.
• Familiarity with cloud environments including Microsoft Azure and AWS.
• Experience using GRC platforms and risk management tooling.
• Understanding of Secure by Design and security architecture principles.

Certifications

One or more of the following would be advantageous:

• ISO 27001 Lead Implementer or Lead Auditor
• Security+
• CGRC
• CISA
• CRISC
• CISSP (or Associate CISSP)

Why people choose to grow their careers at UBDS Group

Professionals choose to grow their careers at UBDS Group for its reputation as a dynamic and forward-thinking organisation that is deeply committed to both innovation and employee development. At UBDS Group, employees are given unique opportunities to work on cutting-edge projects across a diverse range of industries, exposing them to new challenges and learning opportunities that are pivotal for professional growth. The Group’s culture emphasises continuous improvement, offering ample training programs, mentorship, and the chance to gain certifications that enhance their skills and marketability.

 UBDS Group fosters a collaborative environment where creativity and innovation are encouraged, allowing employees to contribute ideas and solutions that have a tangible impact on the company and its clients. This combination of professional development, a culture of innovation, and the opportunity to make meaningful contributions makes UBDS Group an attractive place for those looking to advance their careers and be at the forefront of technological and operational excellence.

Employee Benefits

• Training – All team members are offered a number of options in terms of personal development, whether it is technical led, business acumen or methodologies. We want you to grow with us and to help us achieve more
• Private medical cover for you and your spouse/partner, offered via Vitality
• Discretionary bonus based on a blend of personal and company performance
• Holiday – You will receive 25 Days holiday, plus 1 day for Birthday and 1 day for your work anniversary in addition to UK bank holidays
• Electric Vehicle leasing with salary sacrifice
• Contributed Pension Scheme
• Death in service cover

About UBDS Group

At UBDS Group our mission is to support entrepreneurs who are setting new standards with technology solutions across cloud services, cybersecurity, data and AI, ensuring that every investment advances our commitment to innovation, making a difference, and creating impactful solutions for organisations and society.

Equal Opportunities

We are an equal opportunities employer and do not discriminate on the grounds of gender, sexual orientation, marital or civil partner status, pregnancy or maternity, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.