GRC Risk Analyst

5 days ago


CAMBRIDGE, United Kingdom ARM Full time

Job Overview:

The GRC Risk Analyst will be responsible for identifying, analysing and influencing the management of Enterprise IT (EIT) and Enterprise Security (ES) risks.

Responsibilities:

- Support internal and external partners on matters of risk assessments, security controls, and framework requirements, ensuring that security and compliance requirements are understood.

- Coordinate EIT responses to regulatory inquiries and audits, making sure Arm is compliant.

- Support EIT business continuity management (BCM) needs by operationalizing and assuring a capability to safeguard our services and operations in the face of disruption and disaster, and mature this capability to put us on a firm path to becoming operationally resilient.
- Ensure continuity and recovery plans are detailed, approved, tested, and maintained by asset owners and custodians.

- Develop tactical and positive relationships within the business, partners and vendors.

- Develop Standard Operating Procedures (SOP) to detail procedures for risk assessments, third party assessments, and business process workflows for Security Governance, Risk, Resilience and Compliance.

- Ensure that fundamental information on accountable technology is accurate (e.g. KB Articles / process maps / training documents and presentations / RACI / Contract information).

- Identify and raise risks, threats and vulnerabilities of technology security matters, working with risk owners to shepherd the risks to conclusion where possible.


Required Skills and Experience:
- Experience in conducting internal security assessments and reviews, articulating and documenting information security risks.

- Strong familiarity with security standards and audit requirements, including NIST CSF, 800-53, ISO 27001, PCI DSS, and SOC 2 Type 2 reports.

- BCM programme governance: the development and maintenance of a strategy and enabling governance framework, ideally ISO 22301 aligned.
- Interpersonal skills are required to interact effectively within the Enterprise Security group, customers and vendors at a tactical level.
- Agile self-starter who can prioritise quickly and effectively. Contributes through the quality, accuracy and timeliness of the tasks/services provided by self, and quality control of work provided by others.

“Nice To Have” Skills and Experience:
- Hands on experience implementing security within public cloud services (AWS, Azure, Google).
- Demonstrates a good understanding of the variety of technical security control concepts, procedures and systems (e.g., Email Security, AV, EDR, Firewalls).
- Security qualifications i.e., CISSP, CISM.
- Good familiarity with the rest of the Enterprise Security organization (can identify which team fulfils which roles) and a solid grasp of ITIL processes.

In Return:

You will be a key person to help our leaders focus on the risk that truly matters. This is a global role with responsibility for responding to information security needs across the entire Arm corporation.

Accommodations at Arm

At Arm, we want our people to Do Great Things. If you need support or an accommodation to Be Your Brilliant Self during the recruitment process, please email . To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process.

Hybrid Working at Arm

Arm’s approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team’s needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.

Equal Opportunities at Arm

Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don’t discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

