Governance, Risk and Compliance Senior Analyst

The Governance, Risk and Compliance (GRC) Senior Analyst is responsible for supporting the organisation's governance, risk management and compliance function activities. This role involves supporting the GRC managers in identifying, assessing and mitigating risks, ensuring compliance with regulatory requirements and developing and implementing policies and procedures to safeguard the organisation's information assets., Risk Management:

• Conduct risk assessments and analyse the potential impact on the organisation



• Develop risk mitigation strategies and monitor the effectiveness of risk management efforts



• Maintain a risk register and track risk mitigation activities to completion.


Compliance:

• Ensure compliance with relevant internal and external regulations (e.g. corporate rules/standards, PCI, Cyber Essentials, etc.)



• Conduct regular audits and assessments to identify compliance gaps



• Work with internal and external auditors to facilitate compliance reviews and audits



• Develop and maintain documentation for Compliance activities.


Controls:

• Perform control testing activities in accordance to the established testing schedule and methodology



• Evaluate the design and operational effectiveness of internal controls



• Conduct walkthrough and gather evidence to support control testing conclusions



• Document control testing procedures, results and findings.


Governance:

• Develop, implement, and maintain policies and procedures related to information security, information technology and risk management



• Provide guidance and training to staff on governance, risk, and compliance matters



• Monitor and report on compliance with organisational policies and regulatory requirements.


Collaboration and Communication:

• Collaborate with various departments to ensure an integrated approach to risk management, control management and compliance



• Communicate risk and compliance issues to senior management and relevant stakeholders



• Provide regular reports on the status of risk management and compliance efforts.


Continuous Improvement:

• Stay current with industry best practices, standards, and regulatory requirements



• Recommend and implement improvements to GRC processes and tools
  
  Strong analytical and problem-solving skills



• Excellent written and verbal communication skills



• Ability to manage multiple priorities and work independently



• Proficiency in GRC tools and software



• Ability to work in a fast-paced environment and meet tight deadlines


Experience/Qualifications

Experience:

• 
  Significant experience in GRC, information security, risk management or a related field
  
  
• 
  Experience with risk assessment methodologies and compliance frameworks (e.g., ISO 27001, NIST, COBIT).
  
  Education:
  
• 
  Bachelor's degree in Information Technology, Business Administration, Risk Management or a related field. Advanced degree preferred.
  
  Here at Allianz, we are signatories of the ABIs flexible working charter. We believe in supporting hybrid work patterns, which balance the needs of our customers, with your personal circumstances and our business requirements. Our aim with this is to help innovation, creativity, and you to thrive - Your work life balance is important to us.
  
  Diversity & Inclusion
  
  At Allianz, we prioritize diversity and inclusion, demonstrated by our numerous accreditations: EDGE certified for gender inclusion, Women in Finance Charter members, Disability Confident employer, Stonewall Diversity Champion, Business in the Community's Race at Work Charter signatories, and Armed Forces Covenant gold standard employer.
  
  We embrace neurodiversity and welcome applications from neurodivergent and disabled candidates, offering tailored adjustments to ensure your success.
  
  We encourage our employees to advocate for their needs, whether it's assistive technology, ergonomic equipment, mentoring, coaching, or flexible work arrangements.