Technical GRC Analyst
Job in: Bromley Town, Bromley, Greater London, BR1, England, UK
Listed on: 2026-06-15
Listing for: Bromcom Computers
Full Time position
Job specializations: IT/Tech (Cybersecurity, Information Security, Data Security, IT Support)
Job Description & How to Apply Below
We are seeking a Technical GRC Analyst to support the day-to-day operation of our governance, risk, compliance, and security assurance processes within a growing EdTech SaaS environment.
This role will focus on administering established policies and workflows, coordinating compliance and security activities, handling requests from across the business, and performing risk assessments—particularly where personal data, information security, and GDPR considerations are involved.
You will play a key role in ensuring that our systems, processes, security tooling, and third-party relationships meet our security, compliance, and data protection standards.
Working closely with the IT & Information Security Manager and wider IT team, you will help maintain audit readiness, support operational security assurance activities, and coordinate remediation and evidence management across the organisation.
The role offers exposure across governance, operational security assurance, compliance, and risk management within a growing SaaS environment.
Key Responsibilities
Administer and operate IT risk, compliance, and security assurance processes aligned to internal policies and regulatory requirements (including GDPR)
Act as a central point of contact for compliance-related requests (e.g. Subject Access Requests (SARs), data sharing requests, access requests, exceptions, and supplier onboarding)
Perform risk assessments using defined criteria, with a focus on data protection and information security risks
Review requests against defined policies and controls, escalating where appropriate in line with internal governance processes
Support third-party / supplier risk assessments, including reviewing security and data protection documentation and tracking follow-up actions
Support periodic reviews of high-risk and business-critical suppliers, applications, and technology platforms to ensure appropriate security, compliance, and data protection controls remain in place
Support the implementation and ongoing operation of compliance and assurance tooling (Vanta), including evidence collection, test management, stakeholder coordination, remediation tracking, and control adoption activities.
Ensure appropriate documentation, audit trails, and evidence are maintained for assessments, compliance activities, and operational processes
Support internal and external audits (e.g. ISO 27001), including evidence gathering, action tracking, and coordination of remediation activities
Monitor compliance with policies and highlight potential risks, gaps, or control weaknesses for review
Support coordination and operational delivery of security improvement initiatives across IT and business teams.
Support incident management processes through documentation, tracking, and coordination of follow-up actions
Coordinate security awareness activities, including phishing simulation campaigns and training tracking
Assist with reviews of security tooling configurations and collection of supporting control evidence
Work closely with engineering, product, and business teams to ensure compliance and security processes are understood and followed
Contribute ideas and feedback to improve workflows and operational processes, particularly where they impact scalability, operational efficiency, or customer trust
Skills & Experience
Essential:
Experience in IT risk, compliance, or GRC roles within a SaaS or technology environment
Understanding of GDPR and handling of personal data (especially sensitive or child/student data)
Experience performing risk assessments using structured frameworks and defined processes
Ability to interpret policies and apply them to operational and real-world scenarios
Strong organisational, coordination, and documentation skills (audit trails, evidence, decision logs)
Experience working with cross-functional teams (e.g. engineering, product, operations)
Experience supporting operational security assurance activities, such as evidence collection, control validation, remediation tracking, or audit preparation
Desirable:
Familiarity with ISO 27001, Cyber Essentials, or similar frameworks
Experience supporting audits, evidence collection, or remediation…