Information Security Analyst - GRC Job in Birmingham

3006 IT & Software Developer jobs in the UK

Company Size

<50

Company Type

Services

Exp Level

Senior

Job Type

Full-Time

Language

English

Visa sponsorship

Requirements

Must:

- Good understanding of GDPR, the UK Data Protection Act, and information security control requirements - Experience conducting supplier assurance, security due diligence or third-party risk assessments - Ability to assess technical and organisational security controls - Strong analytical skills with excellent attention to detail - Clear written and verbal communication skills, able to work with legal, technical and operational teams - Experience supporting incident or breach investigations - Ability to manage multiple competing priorities and work pragmatically with stakeholders - Relevant certifications such as CIPP/E, CIPM, CompTIA Security+, or BCS Practitioner Certificate in Data Protection (desirable) - Experience working in large, complex or multi-site environments (desirable)

Technologies

Support

Security

Responsibilities

- Conduct and coordinate information security and privacy risk assessments for new and existing suppliers - Assess supplier controls relating to data protection, information security, data hosting and subcontractor usage - Maintain accurate records of organisational data shared with third parties, including purpose of use, classification, sensitivity and processing location - Ensure supplier data handling arrangements clearly define retention, archiving and deletion requirements in line with internal policies and regulatory obligations - Support Procurement, Vendor Management, Legal and Information Security teams to embed supplier assurance throughout onboarding, renewal and contract processes - Track remediation actions with suppliers and internal teams, escalating high-risk issues where appropriate - Review how personal data is used across systems, processes and vendor solutions - Ensure data classification, sensitivity and lifecycle controls are clearly documented - Promote data minimisation by identifying unnecessary collection or retention of personal data and challenging excessive processing - Document personal data risks, gaps and recommended actions in line with risk management processes - Provide risk-based advice and technical input to business stakeholders on personal data processing - Support the review, development and implementation of information security and data protection policies - Contribute to information security risk registers and compliance monitoring activities - Produce compliance reports, dashboards and metrics for management and senior stakeholders - Assist with internal and external audits, including GDPR, PCI DSS and financial audits - Maintain compliance tracking across third-party risks, data lifecycle controls and privacy-related risks - Track remediation of identified compliance and control issues to ensure timely closure - Support incident response activities, particularly those involving third-party access or personal data - Document business and supplier processes to support governance, risk and compliance requirements - Produce clear, auditable documentation for assessments, risks, decisions and approvals

Description

We are excited to offer an opportunity for an Information Security Analyst – GRC to join our dynamic technology function in Central Birmingham on a 12-month fixed-term contract. Our team thrives on collaboration and ingenuity, and this position will be instrumental in supporting our governance, risk, and compliance activities, focusing on third-party risk management and data protection assurance. We provide a hybrid working model, which means you will work three days a week on-site with a competitive salary of £45,000.

Something wrong or incorrect with this job? Tell us in the chat 💬 on the right ➡️

IT & Software developer jobs in the UKSecurity Engineer jobs in the UKSecurity Engineer jobs Birmingham

You can find Cyber Security Engineer salaries in the UK here.

How many Cyber Security Engineer jobs are in the UK?

Currently, there are 3006 Security openings. Check also: IAM jobs, SAML jobs, Cisco jobs, Splunk jobs - all with salary brackets.

Is the UK a good place for Cyber Security Engineers?

The UK is one of the best countries to work as a Cyber Security Engineer. It has a vibrant startup community, growing tech hubs and, most important: lots of interesting jobs for people who work in tech.

Which companies are hiring for Cyber Security Engineer jobs in the UK?

Openda Ltd, Bluefruit Software Limited, The Scouts Association, City of Lincoln Council, Mas & Pas Limited, DWP Digital, Wren among others, are currently hiring for Security roles in the UK.

The company with most openings is Experis as they are hiring for 100 different Cyber Security Engineer jobs in the UK. They are probably quite committed to find good Cyber Security Engineers.