Senior Security GRC Analyst

at London Business School

London NW1 4SA, United Kingdom

  • Start Date: Immediate
  • Expiry Date: 19 Nov, 2024
  • Salary: Not Specified
  • Posted On: 06 Nov, 2024
  • Experience: N/A
  • Skills: Good communication skills
  • Telecommute: No
  • Sponsor Visa: No

Description:

The Role
London Business School are looking for a Senior Security GRC Analyst to join Technology on a permanent basis. You will collaborate closely with the GRC Analyst. The postholder will be responsible for the delivery and assurance of information security governance, risk, and compliance activities at London Business School.
The role is central to ensuring security risk is identified and understood, proportionate and effective security controls are in place, and the School’s legal, regulatory & compliance obligations are met.
The LBS Technology department is responsible for delivering and supporting all digital technology solutions required for the effective running of London Business School.

Main Responsibilities

  • Contribute to the design and continuous improvement of an information security management system (ISMS) on behalf of the School.
  • Contribute to the planning and running of information security governance processes, forums, and committees.
  • Own and operate the Information Security Risk Management Framework and processes.
  • Work collaboratively with stakeholders to ensure risks are identified, defined, assessed, and owned.
  • Be the primary point of contact for query response, advice and guidance on the School’s information security legal, regulatory and compliance position.
  • Manage the School’s suite of information security policies & standards, ensuring they are approved and reviewed in line with agreed governance requirements.
  • Own and manage the Third-Party Security Risk Assessment process and assessments.

Who we are looking for

  • Proven experience working in information security governance, risk and compliance or related field.
  • Strong understanding of security standards and frameworks (e.g., NIST, ISO 27001).
  • Experience of supporting an information security compliance programme, including audit and assurance activities.
  • Experience of conducting third party security assessments and operating information security risk management processes.
  • Effective communication and team working abilities.

What you can expect from us

  • Generous annual leave of 27 days plus extra between Christmas and New Year
  • Generous pension package, 14.5% employer contribution (in return for employee enrolment and contribution)
  • Free onsite gym and swimming pool
  • Amazing range of professional development to support your career path
  • Enhanced cycle to work scheme
  • Wellbeing offering to support your physical, mental and financial health
  • Up to 5 days paid emergency leave for staff who have caring responsibilities for a family member, dependent or friend who is ill.

All enjoyed in a Smart (hybrid) Working environment so we’re looking forward to discussing how, where and when you might work best to deliver in your new role.

REQUIREMENT SUMMARY

Min: N/A, Max: 5.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Other

Trade Certificate

Candidates needing sponsorship should assess their eligibility for a certificate of sponsorship by evaluating their circumstances against the relevant criteria before applying.
