We have an excellent opportunity for highly motivated and skilled GRC Analysts to join our team in Aberdeen and London. This is a hybrid role working onsite in Aberdeen 3 days per week. To be considered for this role you will have experience in control design, assessment and remediation activities in relation to Applications (on prem and SaaS), or Infrastructure or Databases.
As GRC Analyst you will work as part of the team who deliver the risk management, control, compliance, and assurance programmes within IT systems and help to manage compliance and assurance activities across global locations. In addition you will ensure that relevant policies, procedures and processes are defined and updated to reflect global requirements and local variations. You will be involved in the review and assessment of Key Controls globally within IT and identify and escalate any deficiencies within the control assessment process.
What you’ll do
Ensure that assessments are regularly conducted, which can identify potential weaknesses in IS Control environment
Liaise with internal/external auditors during audits and assessments, ensuring the timely and accurate provision of information and addressing any findings or recommendations
Assist IS teams in the completion of testing, evidence gathering and submission to demonstrate Operating and Design effectiveness of controls
Provide training and input to control assessments to staff where required. Request and collection of SOC1 Type 2 and SOC 2 reports for all SaaS applications
Connect with IS teams to obtain supporting evidence for OS changes on Infrastructure as well relevant supporting information for applications
Connect with various Business teams regarding JML processes, User access matrices, DR/BCP solutions and relevant supporting evidence for applications
Work with support partners to gather information, evidence, processes, and other relevant support information for applications
Support with remediation of IS controls, where applicable, for all applications including establishing recurring requests for audit purposes e.g. requesting SOC reports, user access reviews and other control measures
Ensure management of change processes are in place to support relevant IS controls for all applications
Align with IS database team and support partners to ensure relevant control measures are in place for data integrity, relevance, and maintenance for all applications
Collaborate with IT teams, business units, and senior management to enhance awareness and understanding of IS principles, practices, and objectives
Ensure the successful delivery of initiatives and projects within the Governance, Risk and Compliance environment
Foster strong working relationships with key stakeholders to promote effective communication, coordination, and alignment of IS GRC initiatives
What to bring
Control design, assessment and remediation activities in relation to Applications (on prem and SaaS), or Infrastructure or Databases
Proven track record in developing policies and procedures
Proficient in IT governance and quality standards
Advanced Microsoft 365 skills (Excel/PowerPoint) are preferred
Experience in risk management and control assessments
Strong knowledge of General IT Controls (GITC) assessments, evidence provision and control operation
Experience working with third party vendors and on-premise solutions
Experience with internal infrastructure and database risks and controls
Familiarity with one or more industry frameworks and standards such as ITIL, COBIT, NIST Cybersecurity Framework, and ISO 27001
Strong communication skills, both verbal and written, with the ability to present technical information to non-technical stakeholders effectively
Demonstrated ability to work independently, manage multiple priorities, and meet deadlines in a fast-paced environment
Ability to influence and collaborate with cross-functional teams
If you are enthusiastic, willing to always learn and looking for a challenging but rewarding position where you work for a forward-thinking organisation who offer excellent opportunities, please send your CV to [email protected].
We welcome applications from disabled candidates, so if you have any access needs or may need adjustments in the assessment process - just let us know.
Successful candidates will be subject to background and right to work checks.
About us
prosource.it is a professional services provider in technology. Established as a traditional provider of managed IT services, prosource.it has evolved with industry and the rapid pace of change within the technology sector. We recognise the importance of people and business process in the successful adoption of technology and change. Our readiness to embrace and apply change comes from our people and we offer a variety of business services across the lifespan of successful technological deployment and adoption. We are a people centred business with a global workforce of 500 plus staff and contractors.
Our values are central to what we do and how we do it. We feel they are simple and easy to relate to and we are always looking to welcome new people to the team who share our vision and values. We pride ourselves on being easy to deal with, agile and accepting of change across a wide range of challenging and rewarding roles. We are a team of ‘can do’ and ‘how can I help’ individuals committed to teamwork, partnership, service excellence and delivery.
www.prosource.it
Seniority level
Associate
Employment type
Full-time
Job function
Information Technology
Industries
IT Services and IT Consulting
Referrals increase your chances of interviewing at prosource.it by 2x