GRC Analyst

2 months ago


Glasgow, United Kingdom | Sentinel | Full time

Security Analyst (GRC) - Operational Risk Management, Control Frameworks, Audit, Compliance, Risk Assessments


About the Role

  • Base Location: Choose from Glasgow, Perth, or Aberdeen
  • Working Pattern: Permanent | Full Time | Hybrid working options available
  • Benefits: Performance-related bonus and a range of benefits to support your finances, wellbeing, and family


What is the Role?

As a Governance, Risk, and Compliance (GRC) Analyst, you'll be integral to our Risk Management function within Transmission IT. You will identify, manage, and mitigate IT and OT network risks, reporting directly to the IT Risk Manager.


Key Responsibilities:

  • Operate and maintain the Operational Risk Register and update senior stakeholders, the Transmission 2nd line Risk Team, and Group Risk & Audit.
  • Implement and manage a control framework across IT and OT domains.
  • Plan and manage issues related to audit, compliance, and risk assessments.
  • Create risk reports to convey assessment outcomes to senior management.
  • Collaborate with key stakeholders.


What Do You Need?

  • Experience in security risk/controls assessments and operating risk registers and/or GRC tooling.
  • Knowledge of security management frameworks like ISO/IEC 27001/2, ITIL, NIST, NCSC CAF, MITRE ATT&CK, etc.
  • Strong collaborative, reporting, and presentational skills.
  • A relevant University Degree or Certification (e.g., CompTIA Security+, CRISC, CISA, CISM) is advantageous.


Apply today to become a GRC Analyst and avoid missing this opportunity.