Analyst, GRC Client Assurance

Job Description

The Governance, Risk and Compliance (GRC) Client Assurance Analyst will have a good understanding of information security and privacy principles as well as a sound understanding of regulatory and compliance requirements affecting a global business.

As a GRC Client Assurance analyst, you will be supporting the [Employer hidden — sign up to reveal] Cyber GRC Program for [Employer hidden — sign up to reveal] Corp along with the BISO and central GRC function.

What’s the role?

• Assist with security questionnaires, RFPs, and assessments from [Employer hidden — sign up to reveal]’ corporate customers to verify our organization's security posture, often against tight deadlines.
• Respond to client inquiries related to SOC2, ISO27001, GDPR, risk management, and other security controls.
• Support Sales during enterprise deals, renewals, and escalations by providing security related information.
• Participate in customer meetings to share evidence of security controls.
• Maintain standardized responses, evidence, and customer-facing security documentation.
• Collaborate frequently with Product, Technology, Legal, and other Cyber SMEs to gather accurate, timely information and validate responses.
• Track ownership, status, and deadlines for assurance deliverables to ensure on-time completion.
• Track and manage control gaps, risks, and remediation efforts.
• Support in the implementation of key security initiatives across the organisation.
• Assist in the development and maintenance of effective measurement and simplified reporting for the Client Assurance program.
• Assist with additional Cyber related projects as needed.

Who are you?

• 3+ years’ experience within Cyber Security or related fields.
• Experience in a B2B SaaS or a cloud-native environment.
• Demonstrated experience working in a highly cross-functional environment.
• Strong knowledge and experience with Industry Frameworks and Standards such as NIST CSF, and ISO 27001.
• Knowledge of the [Employer hidden — sign up to reveal] B2B products (Risk & Compliance, Factiva, Newsplus) is a bonus.
• Good working knowledge of Cloud infrastructure, preferably AWS.
• Strong oral and written communication skills with the ability to translate technical security concepts into clear, customer-friendly language.
• Qualification in Information Security, Computer Science, Engineering or similar.
• Professional security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar are preferred.

Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status or any other protected characteristic.

Reasonable Accommodation

We are committed to providing reasonable accommodation for qualified individuals with disabilities in our job application and/or interview process. If you need assistance or accommodation in completing your application or participating in an interview due to a disability, email us at [Employer hidden — sign up to reveal]. Please put "Reasonable Accommodation" in the subject line and provide a brief description of the type of assistance you need.

Please refer to the privacy notice at the bottom of this page for submitting any data access, deletion, or other data subject rights requests, where permitted under your local laws and regulations.

[Employer hidden — sign up to reveal] Corp is a global diversified media and information services company focused on creating and distributing authoritative and engaging content to consumers and businesses throughout the world. The company comprises businesses across a range of media, including: [Employer hidden] and information services, book publishing and digital real estate services. Headquartered in New York, the activities of [Employer hidden — sign up to reveal] Corp are conducted primarily in the United States, Australia, and the United Kingdom.