At Boohoo, our team is committed to safeguarding the integrity, confidentiality, and availability of our systems and data. We take pride in implementing robust security measures to protect against cyber threats, ensuring secure customer transactions and maintaining trust in our brand. With a diverse and pragmatic approach to problem-solving, we align with the Boohoo family values to achieve success.
Over the last 12 months, our team has made significant progress in our information security programme, creating and implementing Boohoo’s information security strategy and information security risk register. As we move forward, our team has a clear roadmap for the future, and we are excited to continue making a difference. We welcome anyone who shares our passion for information security and our values to join us on this inspiring journey.
RESPONSIBILITIES
Conduct risk assessments to identify vulnerabilities and recommend mitigation strategies.
Ensure compliance with legal, regulatory, and contractual obligations related to information security.
Coordinate with various departments to integrate GRC practices into the organisational culture.
Monitor and report on compliance with security policies and the effectiveness of the risk management programme.
Lead internal audits and manage external audits related to information security compliance.
Provide guidance and training to staff on compliance, risk management, and information security best practices.
Manage the development and maintenance of policy documentation, including information security policies, procedures, and standards.
Stay informed of the latest information security threats, regulatory changes, and best practices in risk management.
Facilitate communication and reporting on GRC matters to senior management and relevant stakeholders.
Lead the information security awareness programme.
REQUIREMENTS
Demonstrate at least 3 years of experience in Governance, Risk, and Compliance (GRC) in an information security context.
CISA, CISM, CRISC, ISO27001 (CIS IA).
Strong leadership and team management capabilities, including the ability to drive collaboration and motivate cross-functional teams as well as the ability to lead and mentor more junior members of the team.
Working knowledge of security management frameworks such as ISO27001, PCI DSS, and NIST.
Demonstrable experience in driving and cultivating an information security awareness programme using relevant tools to create phishing simulations and training plans for new and existing staff.