Go to job search

Senior Information Security Risk Analyst (3701)

GBG Plc

Senior Information Security Risk Analyst (3701)

Salary Not Specified

GBG Plc, Chester

  • Full time
  • Permanent
  • Onsite working

Posted 3 weeks ago, 21 Aug | Get your application in now before you miss out!

Closing date: Closing date not specified

job Ref: 452898fee0f94e6d8cff57c66fee412b

Full Job Description

GBG's Information Security team of c30 team members, enable delivery of GBG's business strategy by ensuring GBG is secure and trusted. The team provides four core capabilities:

  • Governance, Risk and Compliance

  • Cyber Defence

  • Product Security

  • Security Architecture


    • The role

    Support of GBG's Information Security Risk programme, making sure It Is implemented properly with minimal risk to GBG, our customers and stakeholders.

    What you will do
  • Support the delivery of the GBG information security strategy including advanced and technical projects globally

  • Support with raising awareness of risk identification and management within the business to align to 'think risk first'

  • Manage and maintain the information security risk register to ensure risks are managed in line with policy

  • Create, manage and analyse risk management information to ensure risks are understood within the business and managed in line with expectations

  • Engage with leaders within the business to manage risks in line with policy

  • Develop information security risk education and awareness training within the organisation

  • Conduct risk assessments of new projects

  • Conduct supplier risk management activities including contract reviews

  • Create, manage and maintain the Operation Resilience and Redundancy programme

  • Create, manage and analyse operational resilience and redundancy information to ensure outcomes are captured and reported In line with policy

  • Plan annual testing of operational resilience and support the business functions to deliver in line with expectations

  • Lead and conduct annual business impact analysis activity

  • Support customer and supplier requests for information security risk and operational resilience information, these could be in the form of audits or questionnaires

    An Individual with a passion for risk management, who can translate risk to all levels of the organisation.

  • Able to converse at all levels to achieve the aim of managing risk within GBG

  • A team player who works well with others, who also can work well on their own

  • Business risk management experience

  • Risk management experience within an information security role

  • Experienced with the following standards/frameworks: ISO27001. ISO22301, ISO31000, Cyber Essentials+, NIST, PCI/DSS

  • Experience of using; Microsoft Lists, Jira, Power BI

  • Qualified to or working towards Certified Risk Information Security Controls (CRISC)

  • Qualified to Certified Information Security Management Principles (CISMP)

    GBG is the leading expert in global identity and location. In an increasingly digital world, GBG helps businesses grow by giving them intelligence to make the best decisions about their customers, when it matters most.


    • Every second, our global data, agile technology, and expert teams, power over 20,000 of the world's best-known organisations to reach and trust their customers.

    Learn more at www.gbgplc.com and follow us on LinkedIn and X @gbgplc

    Why you should be@GBG
  • We make the world a safer place

  • We trust each other and win together

  • We are local experts in a global business

  • We want you to be yourself

  • We grow when you grow