Job Description :
Position - Senior Governance, Risk and Compliance (GRC) Analyst
Location - London
Hybrid - 3 days in office
The Senior Governance, Risk and Compliance (GRC) Analyst will have an understanding of security and privacy principles as well as a sound understanding of regulatory and compliance requirements affecting a UK business.
As a Senior GRC analyst your roles will support and maintain the News UK Cyber GRC Program along with the BISO and central GRC function, including the development, implementation and maintenance of cyber security policies, standards, guidelines and processes to ensure compliance is maintained and risk is managed.
What’s the role? ● Work with key internal and external stakeholders to ensure compliance with PCI DSS, Privacy and GDPR compliance requirements, audits and assessments. ● Assist in the risk assessment process and report on enterprise-wide and third-party security controls ● Support in the implementation of key security initiatives across the organisation ● Support management of audits, external assessments and assurance processes including, but not limited to PCI DSS and NIST CSF ● Develop and manage meaningful metrics to measure and track cyber risks and the effectiveness of the governance, risk and compliance function ● Conduct compliance readiness assessments and assurance activities against policies, standards requirements ● Track technology and cyber related audit findings and actions ● Assist with the development of measurable cyber security standards that align with policy control objectives ● Support user and specialist user education and awareness exercises for employees ● Assist in the development of effective measurement and simplified reporting of cyber security risks within the business ● Assist with third party security assessments against industry standards as well as News UK control standards ● Assist in maintaining the cyber security risk register
Who are you? ● 6+ years’ experience within Cyber Security or related fields ● Demonstrated experience in governance, risk and compliance in dynamic and complex cyber security, technology and business environment ● Strong knowledge and experience with Industry Frameworks and Standards such as NIST CSF, PCI DSS and ISO 27001 ● Good working knowledge of Cloud infrastructure, especially AWS ● Previous experience working in a SOX compliance environment is desirable ● Strong oral and written communication skills ● Qualification in Information Security, Computer Science, Engineering or similar ● Professional security certifications such as Certified Information Systems Security
Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar preferred
Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status or any other protected characteristic.
Reasonable Accommodation
We are committed to providing reasonable accommodation for qualified individuals with disabilities in our job application and/or interview process. If you need assistance or accommodation in completing your application or participating in an interview due to a disability, email us at humanresources@newscorp.com. Please put "Reasonable Accommodation" in the subject line and provide a brief description of the type of assistance you need. This inbox will not be monitored for application status updates.
Please refer to the privacy notice at the bottom of this page for submitting any data access, deletion, or other data subject rights requests, where permitted under your local laws and regulations.