JobsCloseBy Editorial Insights
RSM UK is seeking an experienced Information Security GRC Analyst to join the National Technology team, with a base in London, Gatwick or Stoke. You will develop and maintain the ISMS, conduct risk assessments and supplier due diligence, and oversee audits to align with ISO 27001 and Cyber Essentials Plus. This role requires collaboration across departments, strong policy management, and a readiness to work in a hybrid or flexible setup. Ideal candidates have hands‑on ISMS experience, supplier review knowledge, excellent organization and communication skills, and a proactive, analytical mindset. To apply, tailor your CV to ISMS duties, cite measurable risk work and relevant certifications, and highlight mentoring and cultural impact.
Information Security Analyst
We are searching for an experienced Information Security Analyst
Make an Impact at RSM UK
We are looking for an Information Security GRC (Governance, Risk, and Compliance) Analyst to join our National Technology team at RSM UK. This role can be based in our London, Gatwick or Stoke office and will be responsible for developing, implementing, and maintaining a robust information security governance, risk management, and compliance program. This role involves assessing and managing risks, ensuring compliance with relevant regulations and standards, and promoting a culture of security awareness across the organization.
You’ll make an impact by:
- Assisting with the day-to-day management and maintenance of the Information Security Management System including the development and maintenance the current information security policies, standards, and procedures
- Conducting risk assessments and identifying potential security threats and vulnerabilities, including risk assessments for projects and new initiatives
- Assisting with the completion of questionnaires for new and existing clients
- Conducting supplier assurance activities including conducting visits to existing and new suppliers, conducting due diligence, reviewing new software and services, and assessing existing suppliers
- Monitoring and ensuring compliance with relevant regulations, standards, and frameworks (e.g., ISO 27001, Cyber Essentials Plus)
- Collaborating with various departments to ensure security controls are implemented and maintained
- Conducting regular internal information security audits and assessments to evaluate the effectiveness of security controls
What we are looking for:
We value diverse experiences and perspectives. Here’s what we’re looking for in our ideal candidate:
- Demonstrable relevant experience and awareness of information security obtained from a previous information security role including the supporting and administering of an ISMS
- Experience of conducting supplier information security reviews
- Great organisational skills
- Self-motivated regarding own development and development of others within the organisation
- Excellent clear and concise communication and interpersonal skills, orally, electronically and written, with the ability to use tact and persuasive skills
- Strong analytical / investigative skills
What we can offer you:
We recognise that our people are our most important assets. That’s why we offer a flexible reward and benefits package that will help you have fulfilling experience, both in and out of work.
- Hybrid and Flexible working
- 26 Days Holiday (with the option of purchasing additional days)
- Lifestyle, Health, and Wellbeing including financial wellbeing benefits such as financial tools, electric car scheme and access to a virtual GP.
- Access to a suite of 300+ courses on demand developed by our inhouse Talent Development team.
#LI-AE1
Experienced hire
Permanent
GATWICK
Technology & Digital Advisory