GRC Analyst

As a GRC analyst your roles will support and maintain the News UK Cyber GRC Program along with the BISO and central GRC function, including the development, implementation and maintenance of cyber security policies, standards, guidelines and processes to ensure compliance is maintained and risk is managed. What's the role?

• Work with key internal and external stakeholders to ensure compliance with PCI
DSS, Privacy and GDPR compliance requirements, audits and assessments.
• Assist in the risk assessment process and report on enterprise-wide and third-party
security controls
• Support in the implementation of key security initiatives across the organisation
• Support management of audits, external assessments and assurance processes
including, but not limited to PCI DSS and NIST CSF
• Develop and manage meaningful metrics to measure and track cyber risks and the
effectiveness of the governance, risk and compliance function
• Conduct compliance readiness assessments and assurance activities against
policies, standards requirements
• Track technology and cyber related audit findings and actions
• Assist with the development of measurable cyber security standards that align with
policy control objectives
• Support user and specialist user education and awareness exercises for employees
• Assist in the development of effective measurement and simplified reporting of cyber
security risks within the business
• Assist with third party security assessments against industry standards as well as
News UK control standards
• Assist in maintaining the cyber security risk register
  
  The Governance, Risk and Compliance (GRC) Analyst will have a good understanding of
security and privacy principles as well as a sound understanding of regulatory and compliance requirements affecting a UK business.,
• 3+ years' experience within Cyber Security or related fields
• Demonstrated experience in governance, risk and compliance in dynamic and
complex cyber security, technology and business environment
• Strong knowledge and experience with Industry Frameworks and Standards such as
NIST CSF, PCI DSS and ISO 27001
• Good working knowledge of Cloud infrastructure, especially AWS
• Previous experience working in a SOX compliance environment is desirable
• Strong oral and written communication skills
• Qualification in Information Security, Computer Science, Engineering or similar
• Professional security certifications such as Certified Information Systems Security
Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar preferred Job Category

News Corp is a global, diversified media and information services company focused on creating and distributing authoritative and engaging content to consumers throughout the world. The company comprises businesses across a range of media, including: news and information services, book publishing, digital real estate services, cable network programming in Australia, and pay-tv distribution in Australia. Headquartered in New York, the activities of News Corp are conducted primarily in the United States, Australia, and the United Kingdom.